CVE-2013-3210 Information

Description

Opera before 12.15 does not properly block top-level domains in Set-Cookie headers which allows remote attackers to obtain sensitive information by leveraging control of a different web site in the same top-level domain.

Reference

http://www.opera.com/docs/changelogs/unified/1215/ http://www.opera.com/security/advisory/1047