(LiveHacking.Com) – Opera 11.61 has been released and it is recommended that all users upgrade to the latest version to benefit from the security and stablilty changes. With regards to security, Opera 11.61 fixes two security issues:
- An issue where manipulation of framed content can allow cross-site scripting.
- An issue where script events could be used to reveal the presence of local files.
The cross site script issue is the worse of the two and has been given a “High” vulnerability rating. According to the advisory “pages from unrelated sites should not be able to interact with the contents of each other – known as the same-origin policy. Certain manipulations of framed content, made before loading a target site in a frame, can cause Opera not to correctly apply this restriction. This allows malicious sites to perform cross-site scripting attacks against arbitrary target sites, executing scripts in the context of that target site.”
Other non-security related changes include an update to the default Speed Dials as well as fixes for the built-in email client along with stability (crashing) fixes. More details about the update can be found in the Windows, Mac and UNIX change logs. Opera 11.61 is available to download now.