Mozilla community member Michael reported that when a server responds with a Refresh header containing a javascript: URI, Firefox will redirect to the javascript: URI. If an attacker could inject a Refresh header into a server response, or could control the value that a site places in the Refresh header, they could use this vulnerability to perform an XSS attack and execute arbitrary JavaScript within the context of that site.
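
A server-side guard for the two cases described above, as an added example that is not part of the original advisory and is not Mozilla's code. The function names, the `example.test` base URL and the sample values are assumptions, and the Refresh value parsing is simplified.

```javascript
// Added example (not from the advisory). All names here are hypothetical.
const BASE = "https://example.test/";            // constructed origin for relative targets
const ALLOWED = new Set(["http:", "https:"]);

// True only when the target resolves to an http(s) URL.
function isHttpTarget(target, base = BASE) {
  // CR, LF or NUL in the value would allow further header injection.
  if (typeof target !== "string" || /[\r\n\0]/.test(target)) return false;
  try {
    // The URL parser trims whitespace and lowercases the scheme, so
    // "  JaVaScRiPt:..." is still reported as "javascript:".
    return ALLOWED.has(new URL(target, base).protocol);
  } catch {
    return false;                                // unparseable target
  }
}

// Case 1: the site places a user-influenced URL in the Refresh header.
// Returns the header value, or null when the target must be refused.
function buildRefresh(seconds, target, base = BASE) {
  if (!Number.isInteger(seconds) || seconds < 0) return null;
  if (!isHttpTarget(target, base)) return null;
  return `${seconds}; url=${new URL(target, base).href}`;
}

// Case 2: audit an outgoing Refresh value, for example in response middleware.
// Accepts "5", "5; url=/x" and "0;URL='https://a/'" style values.
function refreshIsSafe(value) {
  const m = /^\s*\d+(?:\.\d*)?\s*(?:[;,]\s*)?(?:url\s*=\s*)?(.*)$/is.exec(String(value));
  if (!m) return false;                          // not a recognisable Refresh value
  const target = m[1].trim().replace(/^(['"])(.*)\1$/s, "$2");
  return target === "" || isHttpTarget(target);  // empty target is a plain reload
}
```

Both functions fail closed: anything that does not parse, or that resolves to a scheme other than http or https, is refused.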