Crossite scripting via Content-Type.
vulners.com/securityvulns/securityvulns:doc:6269
vulners.com/securityvulns/securityvulns:doc:6270
vulners.com/securityvulns/securityvulns:doc:6296
vulners.com/securityvulns/securityvulns:doc:6449