What's Happening?
A vulnerability in the Opera GX browser has been discovered, allowing malicious websites to automatically install customization mods and steal data from other sites visited by a user. The vulnerability, identified by security researcher zhero_web_security,
enables a zero-click cross-site leak (XS-Leak) by exploiting the automatic installation of GX Mods. These mods can be installed without permission prompts, allowing attackers to inject CSS across all open tabs and websites. This vulnerability can be used to exfiltrate data, such as a victim's Gmail address, and can also be leveraged for denial-of-service (DoS) attacks by crashing the browser in Incognito mode.
Why It's Important?
The discovery of this vulnerability highlights the risks associated with browser customization features that lack adequate security measures. The ability for attackers to install mods without user interaction poses a significant threat to user privacy and data security. This incident underscores the importance of rigorous security testing and prompt patching of vulnerabilities in web browsers, which are critical tools for accessing the internet. Users and organizations must remain vigilant and ensure that their software is up-to-date to protect against such threats.
What's Next?
Following the discovery of this vulnerability, Opera has patched the flaw and awarded a $5,000 bounty for its discovery. Users are advised to update their browsers to the latest version to mitigate the risk of exploitation. The incident may prompt other browser developers to review their security protocols and enhance protections against similar vulnerabilities. Additionally, there may be increased scrutiny on browser customization features and their potential security implications.















