The host is installed with Opera before 11.01 and is prone to CSS bypass vulnerability. A flaw is present in the implementation of Cascading Style Sheets (CSS) extensions for XML which recognizes links to javascript: URLs in the -o-link property. Successful exploitation allows remote attackers to bypass CSS filtering via a crafted URL.