Its not too much of a concern, because of the fact you need to use the unescape function in Javascript to get this bug to function.. and almost every mail client will not run javascript for security concerns..
The only way I can see them possibly doing it, is providing a link to another site that has the link to their bank etc on it.. but then that kind of defeats the purpose
You're right.. I can't get it to work with anything other than the unescape function in Javascript.
So this kind of rules out HTML emails, as virtually all email clients ignore Javascript as a security precaution.
Slashdot Mirror
Really.. I tested it and I could only get it to work when it was unescaped.. I'll take your word for it..
Its not too much of a concern, because of the fact you need to use the unescape function in Javascript to get this bug to function.. and almost every mail client will not run javascript for security concerns.. The only way I can see them possibly doing it, is providing a link to another site that has the link to their bank etc on it.. but then that kind of defeats the purpose
You're right.. I can't get it to work with anything other than the unescape function in Javascript. So this kind of rules out HTML emails, as virtually all email clients ignore Javascript as a security precaution.