A race condition in Opera web browser 7.53 Build 3850 causes Opera to fill in the address bar before the page has been loaded, which allows remote attackers to spoof the URL in the address bar via the window.open and location.replace HTML parameters, which facilitates phishing attacks.
Threat-Mapped Scoring
Score: 0.0
Priority: Unclassified
EPSS
Score: 0.1039 Percentile:
0.92863
CVSS Scoring
CVSS v2 Score: 2.6
Severity:
Mapped CWE(s)
CWE-362
: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
All CAPEC(s)
CAPEC-26: Leveraging Race Conditions
CAPEC-29: Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions