http://blog.bigfinger.se2012-02-07T23:33:46umbracoThoughts on life: Umbraco, EPiServer, .NET and Fatherhood.enCopyright 2009-2012 Stephan Kvartstephan@bigfinger.sehttp://blog.bigfinger.se/2010/1/26/xss-vulnerabilities-in-the-blog4umbraco-package.aspx#comment-6Tue, 26 Jan 2010 14:09:19 GMThttp://blog.bigfinger.se/2010/1/26/xss-vulnerabilities-in-the-blog4umbraco-package.aspx#comment-6 as \u003c\003e! The Server.HtmlEncode isn't enough protection.

Did you take a look at the http://antixss.codeplex.com/ project yet? Their encoders does look good!]]>