Summary
CSS can be loaded cross-domain, and in some cases it is be possible to read the data pointed to, leading to the possibility of cross-domain data theft.
Severity
Moderate
Opera’s response
Opera Software has released Opera 10.10, where this issue has been fixed.
Credits
Thanks to Chris Evans from the Google Security Team for reporting this issue to Opera Software.