Microsoft's Microsoft.XMLHTTP and Mozilla XMLHttpRequest incorrectly handle redirection allowing to access local files.
vulners.com/securityvulns/securityvulns:doc:2273
vulners.com/securityvulns/securityvulns:doc:2277
vulners.com/securityvulns/securityvulns:doc:2286
vulners.com/securityvulns/securityvulns:doc:2330
vulners.com/securityvulns/securityvulns:doc:2364
vulners.com/securityvulns/securityvulns:doc:2530
vulners.com/securityvulns/securityvulns:doc:2865
vulners.com/securityvulns/securityvulns:doc:6964