Opera Mini Browser Address Bar Spoof

Disclosed by
Renwa's avatar
Renwa
  • Engagement Opera Public Bug Bounty
  • Disclosed date almost 2 years ago
  • Points 40
  • Priority Unassigned Bugcrowd's VRT priority rating
  • Status Resolved This vulnerability has been accepted and fixed
Summary by Renwa

Custom URI scheme combined with a file download freeze the url which allowed full address bar spoof

Activity
  1. FlyEye’s avatar
    FlyEye Customer published the disclosure report

    ()

  2. Renwa’s avatar
    Renwa sent a message

    ()

  3. Renwa’s avatar
    Renwa requested disclosure

    ()

  4. Joshua’s avatar
    Joshua Customer rewarded Renwa

    ()

  5. Joshua’s avatar
    Joshua Customer cleared the severity

    ()

  6. Joshua’s avatar
    Joshua Customer changed the state to Resolved

    ()

  7. Joshua’s avatar
    Joshua Customer sent a message

    ()

  8. Renwa’s avatar
    Renwa sent a message

    ()

  9. Joshua’s avatar
    Joshua Customer sent a message

    ()

  10. Joshua’s avatar
    Joshua Customer changed the severity to P1

    ()

  11. Joshua’s avatar
    Joshua Customer rewarded Renwa 35 points

    ()

  12. Joshua’s avatar
    Joshua Customer changed the state to Unresolved

    ()

  13. Joshua’s avatar
    Joshua Customer rewarded Renwa 5 points

    ()

  14. Renwa’s avatar
    Renwa sent a message

    ()

  15. Tal_Bugcrowd’s avatarbugcrowd logo
    Tal_Bugcrowd sent a message

    ()

  16. Tal_Bugcrowd’s avatarbugcrowd logo
    Tal_Bugcrowd changed the state to Triaged

    ()

  17. Tal_Bugcrowd’s avatarbugcrowd logo
    Tal_Bugcrowd changed the severity to P4

    ()

  18. Renwa’s avatar
    Renwa created the submission

    ()