Please note me with complete details like which field you put the script into so that I can validate it and fix this issue. Thank you.

and i'm testing fixes

<font size="+4">ASDFG</font>

documet.write('SDFGSDFG');

<script> documet.write('SDFGSDFG'); </script>

hmm.... seems to work. i need to remove the strip_tags() from the first-level comment display thou.. it has some notoriuos attitude when dealing with corrupt html.

strip_tags() removed.

the bug you mentioned also affected the reply to comments on submission pages. that also has been fixed.

thanks again for your effort to find the bugs. i greatly appreciate that :)

oops, hahaha... i htmlspecialcharr'ed the smilies. that was dumb.

funny how it takes something like this (a ~*hackin scare*~)to get y'all to fix it. i found this bug months ago and an admin saw it, etc.

*smiles* i don't know where you got the idea that there was any 'hacking scare' in the coder department.
we fix stuff on a daily basis. we just don't make this information public, that's all. warriors of the invisible frontier we are.

sure, you /could/ have noticed some cases of overreaction regarding the bugs, but not from the people handling them.

....
that admin wasn't me. :)

trust me, i couldn't care less if FA got hacked again. :D Infact, i'd be kind'a excited. there are no consequences we can't fix and the more hacks, the faster we plug those security holes, since we receive a detailed information on each of them, no mater if they are being exploited or simply tested.

all i'm saying is that this bug should have been looked at earlier or at least been put at high priority to be looked at a long time ago :*) and I never said you cared about fa bein hacked, i don't either!

blame this on communication problems within.
i was never notified of this.

yeah don't worry, i'm not blaming you ;o)