Advisory: Scripts can overwrite functions on pages from other domains
Scripts can overwrite functions on pages from other domains.
Severity: Highly Severe
All versions of Opera for Desktop prior to Opera 9.24.
When accesing frames from different Web sites, specially crafted scripts can bypass the same-origin policy, and overwrite functions from those frames. If scripts on the page then run those functions, this can cause the script of the attacker's choice to run in the context of the target Web site.
Opera Software has released Opera 9.24, where this issue has been fixed.
Thanks to David Bloom for reporting this issue to Opera Software.