Security researcher Gregory Fleischer reported
that when a Java LiveConnect script was loaded via
a data:
URL which redirects via a meta refresh, then the
resulting plugin object was created with the wrong security principal
and thus received elevated privileges such as the abilities to read
local files, launch processes, and create network connections.