Cross Site scripting attacks are getting even more dangerous these days, and exploitable in many new creative ways. I will be discussing this issue in my next podcast, till then read up on it here or at ha.ckers.org