The host is installed with Opera before 11.65 and is prone to information disclosure vulnerability. A flaw is present in the application, which fails to properly restrict the reading of JSON strings. Successful exploitation allows remote attackers to perform cross-domain loading of JSON resources and consequently obtain sensitive information via a crafted web site.