Cross-site scripting (XSS) vulnerability in auth.w in djeyl.net WebMod 0.48 Half-Life Dedicated Server plugin allows remote attackers to inject arbitrary web script or HTML via the redir parameter.
https://exchange.xforce.ibmcloud.com/vulnerabilities/37220
http://www.securityfocus.com/bid/26087
http://www.attrition.org/pipermail/vim/2007-October/001833.html
http://sla.ckers.org/forum/read.php?3%2C44%2C11482#msg-11482