Godaddy´s Workspace 5.3  XSS                                                                                                      


Explanation:                                                                                                                       
The javascript for special caracter filtering provided in email13.secureserver.net can be use to create a XSS attack, if we edit the content of an email and  put <iframe src="javascript:alert("XSS");"></iframe> this will be filtered and scramble, making the XSS impossible, BUT, if we write <iframe src="javascript:alert(&quot;XSS&quot;);"></iframe> we will bypass the XSS filter.         

by Elvenking