The attack handles the HTML tags in all user input, and the simple method is as follows:
' First get input
Str=replace (str, "<", "<")
Str=replace (str, ">", ">")
Str=replace (str, "'", "" ")
Let these vicious attackers go to hell.
Again, if you are the home page storage space provider, do not let others have the executive power of the ASP!
For example, Maoming Personal homepage, I can arbitrarily modify the content of any one page. Of course I have not done so, I am waiting for the Microsoft patch.
Oh, lovely, yet worrying asp!.