Severity:
Moderately Severe
Problem Description
When a user types into a file input, scripts can cause some of the keystrokes to be ignored. If the script can convince the user that they are typing into a normal text input, and not let them see that their keystrokes are being ignored, it can cause the input to point to known file paths on the user’s computer. The file can then be uploaded without user interaction.
Opera’s Response:
Opera Software has released Opera 9.26, where this issue has been fixed.
Credits
Thanks to Mozilla for reporting this issue to Opera Software.