Follow-up Comment #2, sr #106475 (project administration):
OK, if you follow the link in comment # 1
<https://savannah.gnu.org/support/index.php?106475#comment1>, it should take
you to a page where mousing over the floating GNU in the green feedback box
will trigger a javascript alert that says "monkeys!".
It doesn't take much to go from there to javascript that does arbitrarily
complicated things as the logged-in user.
I consider this a fairly severe security concern.
_______________________________________________________
Reply to this item at:
<http://savannah.gnu.org/support/?106475>
_______________________________________________
Message sent via/by Savannah
http://savannah.gnu.org/
