The host is installed with Opera less than 9.25 and is prone to an improper authentication vulnerability. A flaw is present in the application, which fails to handle issues in HTTP Host header. Successful exploitation could allow man-in-the-middle attackers to execute arbitrary web script by modifying this CONNECT response, aka an "SSL tampering" attack.