CVE-2010-2661

Opera before 10.54 on Windows and Mac OS X, and before 10.60 on UNIX platforms, does not properly restrict access to the full pathname of a file selected for upload, which allows remote attackers to obtain potentially sensitive information via unspecified DOM manipulations.

Date published : 2010-07-07

http://www.securityfocus.com/bid/40973

http://www.opera.com/docs/changelogs/mac/1054/