Vulnerability
Opera Mini Location Permission Spoof Vulnerability
Vulnerability Description
A location permission spoof vulnerability was discovered in opera mini 47.1.2249.129326 for Android which allows an attacker to spoof location permission dialog box origined from attackers website while being on any legit website.
CVE ID
CVE-2018-16135
Vendor
Disclosure Timeline
02 August 2018 – Reported to vendor
18 August 2018 – Patch confimration received from vendor
Credits
Nikhil Mittal
Advisory
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16135