According to an advisory posted by the security firm Secunia, the flaws would allow hackers to conduct cross-site scripting attacks, disclose sensitive information, or to bypass certain security restrictions. That is, if someone actually took the time to focus on Opera instead of another browser with a much more significant market share (Firefox, Internet Explorer, take your pick).

The first security issue is caused due to a design error when handling input to file form fields. The advisory states that it could be exploited to trick a user into uploading arbitrary files.

The second flaw is related to the handling of custom comments in image properties and can be exploited to execute arbitrary script code in the wrong security context when comments of a malicious image are displayed.

The third and last of today’s pack is an error in the handling of attribute values when importing XML into a document. It can be exploited to bypass filters and conduct cross-site scripting attacks if these values are used as document content.

The vulnerabilities are known to affect all Opera versions prior to 9.26.