Welcome to WebmasterWorld Guest from 18.104.22.168
Forum Moderators: open
... a remote user can create HTML that, when loaded by the target user, will set the URL in the status bar to an arbitrary URL.
This exploit can be used in "phishing" attacks.
I believe this was the same thing that was happening on IE, right?