Flubber Posted February 20, 2011 Report Share Posted February 20, 2011 "Well, at least "><script>alert(/XSS/)</script> works great: http://img6.imagebanana.com/img/4tyst18d/one.png http://img6.imagebanana.com/img/wh9zwmc6/two.png Thx to Friedrich Hausberger for his mail to FD ck"Sursa: Full Disclosure: [Google Chrome Browser] Google Mail Checker Plus: JavaScript Code Execution Quote Link to comment Share on other sites More sharing options...