CVE-2002-0270 Information

Description

Opera when configured with the \Determine action by MIME type\ option disabled interprets an object as an HTML document even when its MIME Content-Type is text/plain which could allow remote attackers to execute arbitrary script in documents that the user does not expect possibly through web applications that use a text/plain type to prevent cross-site scripting attacks.

Reference

http://marc.info/?l=bugtraq&m=101363764421623&w=2