Maxthon 1.2.0 allows remote malicious web sites to obtain potentially sensitive data from the search bar via the m2_search_text property.
http://www.securityfocus.com/bid/12898
http://www.raffon.net/advisories/maxthon/searchbarid.html
http://secunia.com/advisories/14712