Re: Re: Sourceforge.net XSS

I understand the possibilities of XSS, however if you have to inject it as part of the URL line to have it display the injection i don't see how you are going to fool people, maybe encode it? otherwise it will be quite obvious, and it would have to be something small after being encoded. another thing it isn't something people will "stroll" across and view. I guess it still "counts" as a vulnerability. *shrug*