Godaddy's Workspace versions 5.3 and below suffers from a cross site scripting vulnerability.
ef9935ed4bcaf70501af3f24ea41d2050e62b8f73f4f677fda64607046750b4e
Godaddy´s Workspace 5.3 XSS
Explanation:
The javascript for special caracter filtering provided in email13.secureserver.net can be use to create a XSS attack, if we edit the content of an email and put <iframe src="javascript:alert("XSS");"></iframe> this will be filtered and scramble, making the XSS impossible, BUT, if we write <iframe src="javascript:alert("XSS");"></iframe> we will bypass the XSS filter.
by Elvenking