Good morning group, I don't mean to be an alarmist but I follow some sites that list XSS and other vulnerabilities for web sites. Among the latest updates with site vulnerabilities were a few from libraries. Some of these are dated a couple months ago but they are now just being pushed out and still have a status of "unfixed". If you would like to know if your site(s) are on the list, I would start by checking http://www.xssed.com/ V/R Erin