A special crafted webpage can retrieve any local file using simple JavaScript:
1-When a user presses the CTRL key an "onkeydown" event can be fired. In the
event handler the key pressed is changed to 'V'. The result will be a paste
operation with less restriction
2-The content of the clipboard is altered and focus is changed to a hidden file
upload form. The paste operation will be performed into the form, yielding a
change of value for the file upload field (normally not allowed)
3-The upload form is submitted automatically...