Well, this one is a continuation of my previous post on Cross Site Scripting issues relating to RSS feed readers. In that post, I mentioned Scenario (3), but didn’t discuss any details or PoC since Opera Team was actively fixing it. This issue is now fixed in the latest security update v10.01 from Opera Team.
Whitelisted HTML Tags Definition – Opera Feed Subscription Page (Source – DragonFly)
So, here is an example PoC exploit code which executes the opera.feeds.subscribeNative function to automatically register a feed in Opera browser without user consent.
NOTE: The owners of SecureThoughts.com did not produce this content, nor own the copyright to this content. This content has been reproduced in it’s original form to preserve the knowledge contained within. If you are the original owner of this content and want it attributed to your website or it altered in any way, please complete the contact form and we will edit it immediately.