CVE-2011-4682 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2011-4682 Interim 1 6 2021-06-19T14:46:27Z current 2021-05-30T13:00:51Z 2021-06-19T14:46:27Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2011-4682 The JavaScript engine in Opera before 11.60 does not properly implement the in operator, which allows remote attackers to bypass the Same Origin Policy via vectors related to variables on different web sites. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/opensuse-updates/2011-12/msg00005.html E-Mail link for openSUSE-SU-2011:1314-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings The JavaScript engine in Opera before 11.60 does not properly implement the in operator, which allows remote attackers to bypass the Same Origin Policy via vectors related to variables on different web sites. CVE-2011-4682 moderate 6.4 AV:N/AC:L/Au:N/C:P/I:P/A:N