1- IE/Firefox – Page Redirection Hijack
Several weeks ago, I reported an interesting PoC via my Twitter in which I had created a web page that stops Firefox and IE browsers to redirect users to their intended destination even if they had typed it directly in the address bar: https://twitter.com/irsdl/status/294239415428067329
This issue is still unpatched in the latest versions of these browsers (March 2013). Unfortunately, some advert companies are currently exploiting this issue as well. I have already reported it to Mozilla: https://bugzilla.mozilla.org/show_bug.cgi?id=839470
read more........http://soroush.secproject.com/blog/2013/03/iefirefox-redirection-issue-fb-oauth2-bypass-bugcrowd/