On 12/9/2011 7:39 AM, Vladimir Panteleev wrote:
The short version is that HTML attachments may contain malicious JavaScript code, which will have access to all forum cookies. For example, it would be possible to write a worm which would repost itself whenever anyone opened the attachment.
I hadn't thought about that. I strongly suggest ignoring all sections of posting which are not plain text.
