Source: http://www.qubes-os.org/doc/how-to-copy-and-paste-text/#security
The inter-qube clipboard system is secure because it doesn’t allow any qube other than your selected target to steal any contents from the inter-qube clipboard. Without such a system in place, any password you were to copy from the password manager in your vault qube to another qube, for example, would immediately be leaked to every other running qube in the system, including qubes that are untrusted by default, such as sys-net. By giving you precise control over exactly which qube receives the inter-qube clipboard content, then immediately wiping the inter-qube clipboard afterward, Qubes OS protects the confidentiality of the text being copied.
However, one should keep in mind that performing a copy and paste operation from less trusted to more trusted qube is always potentially insecure, since the data that we copy could exploit some hypothetical bug in the target qube. For example, the seemingly-innocent link that we copy from an untrusted qube could turn out to be a large buffer of junk that, when pasted into the target qube’s word processor, could exploit a hypothetical bug in the undo buffer. This is a general problem and applies to any data transfer from less trusted to more trusted qubes. It even applies to copying files between physically separate (air-gapped) machines. Therefore, you should always copy clipboard data only from more trusted to less trusted qubes.