https://www.exploit-db.com/exploits/22217

漏洞细节尚未披露

source: http://www.securityfocus.com/bid/6756/info

It has been reported that, when generating HTML to display images or embedded media, Opera does not correctly format the provided URL or sufficiently encode URLs to local files.

As a result of this lack of sanitization Opera is vulnerable to HTML injection attacks when handling local image or media files.

open("file://localhost/images/file.gif?"><script>alert(location.href);</script>","","");