Crossite scripting on message generation if automatic redirection is disabled. javascript: crossite scripting. XMLHttpRequest object crossite access. Download dialog spoofing. Crossite scripting on image dragging.
vulners.com/securityvulns/securityvulns:doc:8882
vulners.com/securityvulns/securityvulns:doc:8883
vulners.com/securityvulns/securityvulns:doc:8884
vulners.com/securityvulns/securityvulns:doc:9336
vulners.com/securityvulns/securityvulns:doc:9337