Technical
Advisory

Through sharp, technical and insightful analysis, the Payatu Team is constantly on the lookout for vulnerabilities and threats. This section exhibits a few of our findings.

...
...

Vulnerability

Opera Mini Location Permission Spoof Vulnerability

Vulnerability Description

A location permission spoof vulnerability was discovered in opera mini 47.1.2249.129326 for Android which allows an attacker to spoof location permission dialog box origined from attackers website while being on any legit website.

CVE ID

CVE-2018-16135

Vendor

https://www.opera.com/

Disclosure Timeline

02 August 2018 - Reported to vendor

18 August 2018 - Patch confimration received from vendor

Credits

Nikhil Mittal

Advisory

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16135