Opera reports:
When certain parameters are passed to Opera's History
Search, they can cause content not to be correctly
sanitized. This can allow scripts to be injected into the
History Search results page. Such scripts can then run with
elevated privileges and interact with Opera's configuration,
allowing them to execute arbitrary code.
The links panel shows links in all frames on the current
page, including links with JavaScript URLs. When a page is
held in a frame, the script is incorrectly executed on the
outermost page, not the page where the URL was located.
This can be used to execute scripts in the context of an
unrelated frame, which allows cross-site scripting.