From: security curmudgeon <jericho@attrition.org>
To: jflechtner@users.sourceforge.net
Date: Tue, 28 Mar 2006 11:25:02 -0500 (EST)
Subject: ARIA security issue


Hey Josh,

Not sure if you are still maintaining this project, but while playing 
with the demo I noticed a small security issue. The genmessage.php 
script doesn't sanitize user input submitted to the Message Field 
(message variable) allowing for cross-site scripting (XSS) attacks. 
I didn't test the other scripts so this may occur in other scripts.

Thanks,

Brian