> Fabio, one little question. > I don't see how this code can write the parameter passed to the JSP > page. Probably you pasted the wrong code in the <s:url> part.
Just add (i.e. in IE6) after the ? the following query string:
>'"><script>alert('helloworld')</script>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
