Technical
Advisory
Through sharp, technical and insightful analysis, the Payatu Team is constantly on the lookout for vulnerabilities and threats. This section exhibits a few of our findings.
Vulnerability
Opera Mini Location Permission Spoof Vulnerability
Vulnerability Description
A location permission spoof vulnerability was discovered in opera mini 47.1.2249.129326 for Android which allows an attacker to spoof location permission dialog box origined from attackers website while being on any legit website.
CVE ID
CVE-2018-16135
Vendor
Disclosure Timeline
02 August 2018 - Reported to vendor
18 August 2018 - Patch confimration received from vendor
Credits
Nikhil Mittal
Advisory
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16135