This attack uses a maliciously-crafted HTTP request in order to cause a
						vulnerable web server to respond with an HTTP response stream that will be
						interpreted by the client as two separate responses instead of one. This is
						possible when user-controlled input is used unvalidated as part of the
						response headers. The target software, the client, will interpret the
						injected header as being a response to a second request, thereby causing the
						maliciously-crafted contents be displayed and possibly cached.