[eluser]SardiorDragon[/eluser]
[quote author="bargainph" date="1245995803"]
Am I missing something? "SecretCPasword" is looks very very very similar to "SecretCPasword".[/quote]
Look at:
[quote author="CrustyDOD" date="1245974321"]Oh lol, see it works the same here!
Secret%.4.3Pasword <--- REMOVE dots (.)
Result is SecretCPasword which is wrong![/quote]
See the %.4.3 (remove the dots and you get C when the xss is run on it).