Re: Hotmail security vulnerability - injecting JavaScript using