A XSS vulnerability exist in the ASPjar Tell-a-Friend. Code: "><p><br><p><br><font size=44>XSS<!-- You can put the code in "Your Name Text". But this company is no longer exist and the software is no longer being updated .