Why the hell is this even being discussed? Who fucking cares if there's an unpersistent XSS in a site with no authentication? There are 293847293742342309472 of these on the web. Where's the risk? Someone give me a worst case senario.
__________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
