<html><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; ">It seems that emails with address lines of this form:<div><br></div><div>">'><IfRaME>"@example.com</div><div><br></div><div>(quotes included, this is a valid email address, I think) cause RT to be unable to display a ticket. I think this may be a possible cross site scripting problem or at least some data that should be escaped in the web interface. Help on how to delete such a ticket would be appreciated.</div><div><br></div><div>Thanks,</div><div>Steve</div><div><br><div> <span class="Apple-style-span" style="border-collapse: separate; border-spacing: 0px 0px; color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; text-align: auto; -khtml-text-decorations-in-effect: none; text-indent: 0px; -apple-text-size-adjust: auto; text-transform: none; orphans: 2; white-space: normal; widows: 2; word-spacing: 0px; "><div style="word-wrap: break-word; -khtml-nbsp-mode: space; -khtml-line-break: after-white-space; "><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">--</div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">Steve Wills, Senior Systems Administrator</div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">WebAssign,<span class="Apple-converted-space"> </span><a href="http://www.webassign.net/"><font class="Apple-style-span" color="#0021E7"><span class="Apple-style-span" style="color: rgb(0, 33, 231); -khtml-text-decorations-in-effect: underline; ">http://www.webassign.net/</span></font></a></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">Phone: (919) 829-8181 x116 Cell: (919) 622 6826</div></div><br class="Apple-interchange-newline"></span> </div><br></div></body></html>