Low
Remote web pages are not supposed to be able to detect what files a user has on their local machine. Certain types of HTML elements may behave differently when they attempt to reference local files that exist. The attempt to load the local file will be blocked, but different JavaScript events may fire, allowing the presence of the local file to be detected. The contents of the local file will not be exposed, and the attacker will need to be able to guess the path to the local file in order to check for its existence.
Opera Software has released Opera 11.61, where this issue has been fixed.
Need help? Hit F1 anytime while using Opera to access our online help files, or go here.