• info
• discussion
• exploit
• solution
• references

Opera Web Browser XMLHttpRequest Object Cross-Domain Access Vulnerability

An exploit is not required.