Comment 7 for bug 1825549

Also, after more carefully re-reading what Mark put in the bug description, I retract what I said in comment #2. This isn't a CWE-601 case as it doesn't allow to perform an actual redirect (or even support markup, so no embedded clickable link). Sounds like the most it can do is provide authentic-looking messages containing dubious instructions, so I would consider this a hardening opportunity.