Re: [IMail Forum] Old Hack on Hotmail seems to work on iMail web users...

[Joshua Levitsky]

wow... hummm.... so basically the smart thing would be for KillerWebmail and the default stuff to not permit <script> tags in mail. Just to rip them out in the display process. No?   -Josh ----- Original Message ----- From: Norman J. Nolasco To: [EMAIL PROTECTED] Sent: Saturday, March 16, 2002 3:40 PM Subject: RE: [IMail Forum] Old Hack on Hotmail seems to work on iMail web users... Hi again,   I put up a new version of the email generator at http://209.16.59.28/test.asp   It can now send the same type of email to KillerWebMail users, as well as default template users.  Again, even if the login screen doesn't use the same template, all a malicious user has to do is cut&paste the HTML off the login page onto their own version.   Norman Nolasco Advarion Incorporated