CVE-2008-4697

Name: CVE-2008-4697
Creator: NVD / NIST
Published: 2008-10-23T22:00:01.467+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 1.71%

Last modified Jun 16, 2026

CVE-2008-4697 is a vulnerability of currently unknown severity. The Fast Forward feature in Opera before 9.61, when a page is located in a frame, executes a javascript: URL in the context of the outermost page instead of the page that contains this URL, which allows remote attackers to conduct cross-site scripting (XSS) attacks.. EPSS estimates a 1.71% chance of exploitation in the next 30 days.

Description

The Fast Forward feature in Opera before 9.61, when a page is located in a frame, executes a javascript: URL in the context of the outermost page instead of the page that contains this URL, which allows remote attackers to conduct cross-site scripting (XSS) attacks.

Metrics

EPSS Probability

1.71%

74.4th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-79

Affected Software

Vendor	Product	Versions	Update
Opera	Opera Browser	<= 9.60	—
Opera	Opera Browser	5.0	—
Opera	Opera Browser	5.02	—
Opera	Opera Browser	5.10	—
Opera	Opera Browser	5.11	—
Opera	Opera Browser	5.12	—
Opera	Opera Browser	6.0	—
Opera	Opera Browser	6.1	—
Opera	Opera Browser	6.01	—
Opera	Opera Browser	6.02	—
Opera	Opera Browser	6.03	—
Opera	Opera Browser	6.04	—
Opera	Opera Browser	6.05	—
Opera	Opera Browser	6.06	—
Opera	Opera Browser	6.11	—
Opera	Opera Browser	6.12	—
Opera	Opera Browser	7.0	—
Opera	Opera Browser	7.01	—
Opera	Opera Browser	7.02	—
Opera	Opera Browser	7.03	—
Opera	Opera Browser	7.10	—
Opera	Opera Browser	7.11	—
Opera	Opera Browser	7.20	—
Opera	Opera Browser	7.21	—
Opera	Opera Browser	7.22	—
Opera	Opera Browser	7.23	—
Opera	Opera Browser	7.50	—
Opera	Opera Browser	7.51	—
Opera	Opera Browser	7.52	—
Opera	Opera Browser	7.53	—
Opera	Opera Browser	7.54	—
Opera	Opera Browser	7.60	—
Opera	Opera Browser	8.0	—
Opera	Opera Browser	8.01	—
Opera	Opera Browser	8.02	—
Opera	Opera Browser	8.50	—
Opera	Opera Browser	8.51	—
Opera	Opera Browser	8.52	—
Opera	Opera Browser	8.53	—
Opera	Opera Browser	8.54	—
Opera	Opera Browser	9.0	—
Opera	Opera Browser	9.01	—
Opera	Opera Browser	9.02	—
Opera	Opera Browser	9.10	—
Opera	Opera Browser	9.12	—
Opera	Opera Browser	9.20	—
Opera	Opera Browser	9.21	—
Opera	Opera Browser	9.22	—
Opera	Opera Browser	9.23	—
Opera	Opera Browser	9.24	—

Showing 50 of 57 affected configurations. See NVD for the full list.

References

Timeline

Published: Oct 23, 2008
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2008-4697?

How severe is CVE-2008-4697?

Severity scoring for CVE-2008-4697 is pending analysis. The EPSS model estimates a 1.71% probability of exploitation in the next 30 days.

How do I fix CVE-2008-4697?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2008-4697?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST