The host is installed with Opera before 9.61 and is prone to cross-site scripting vulnerability. A flaw is present in the application, which fails to properly escape before storage in the History Search database (aka md.dat). Successful exploitation allows remote attackers to inject arbitrary web script or HTML via the anchor identifier (aka the "optional fragment").