Bottom line people — turn off javascript by default. Turn it on manually for each web site you know and trust, such as your bank. If everyone had their javascript turned off by default, this XSS attack would be ineffective. From http://www.eweek.com/c/a/Security/LizaMoon-Mass-SQL-Injection-Attack-Escalates-Out-of-Control-378108 It is worth a quick read to stay on top of things. What…