Opera Browser 7.23, and other versions before 7.50, updates the address bar as soon as the user clicks a link, which allows remote attackers to redirect to other sites via the onUnload attribute.
Exploitability
AV:NAC:LAu:NImpact
C:NI:PA:N5/AV:N/AC:L/Au:N/C:N/I:P/A:N