Quoting from squid.conf:
SECURITY NOTE:
As described in CVE-2009-0801 when the Host: header alone is used to determine the destination of a request it becomes trivial for malicious scripts on remote websites to bypass browser same-origin security policy and sandboxing protections.
The cause of this is that such applets are allowed to perform their own HTTP stack, in which case the same-origin policy of the browser sandbox only verifies that the applet tries to contact the same IP as from where it was loaded at the IP level. The Host: header may be different from the connected IP and approved origin.
This new reported vulnerability sounds… rather similar, and very much related.