High
Pages from unrelated sites should not be able to interact with the contents of each other - known as the same-origin policy. Certain manipulations of framed content, made before loading a target site in a frame, can cause Opera not to correctly apply this restriction. This allows malicious sites to perform cross-site scripting attacks against arbitrary target sites, executing scripts in the context of that target site.
Opera Software has released Opera 11.61 where this issue has been fixed.
Thanks to Michal Zalewski for reporting this issue to Opera Software.
Need help? Hit F1 anytime while using Opera to access our online help files, or go here.