The host is installed with Opera less than 9.25 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to handle an issue in 3xx HTTP CONNECT response. Successful exploitation could allow man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying this CONNECT response to specify a 302 redirect to an arbitrary https web site.