Description
Scripting error messages are normally available only to the page that caused the error. In some cases, the error messages could be passed to other sites as the contents of unrelated variables, and may contain sensitive information. If those sites write the content into the page markup, this could allow cross-site scripting, using code provided by the attacking site. This issue only affects installations that have enabled stacktraces for exceptions, these are disabled by default.
Severity
Highly severe
Opera’s Response
Opera Software has released Opera 10.10 where this issue has been fixed.