
Opera GX Security Flaw in GX Mods Feature Enabled Automatic Malicious Mod Installations
CybersecurityVulnerabilitiesBrowserSecurityDataExfiltration
A security flaw in Opera GX’s GX Mods feature allowed malicious websites to automatically install mods capable of stealing data from other web pages. The vulnerability exploited the browser’s CSS injection mechanism, enabling unauthorized modifications without user interaction. Opera has since patched the issue, though specific dates of discovery or patch release were not disclosed. The flaw posed a risk of data exfiltration, as mods could intercept or manipulate content from arbitrary sites. No CVE identifier was mentioned in the report. The impact was limited to users of Opera GX with the GX Mods feature enabled.