seclists at securinews.com wrote: > Just another case of cross site scripting. I would understand people > caring if it was a bank's site...but McDonalds? Err, we are talking about code injection instead of XSS, or am I missing something? Cheers, Pablo