Send email to a list with an HTML attachment. Go to
archive. Click on attachment link. See the HTML source
instead of the rendered HTML. Use "view source" feature
of browser. See that all HTML tags are themselves
HTML-escaped.
An example is at
http://kitenet.net/pipermail/sayma/attachments/20051214/2ce1af82/10454316-0001.htm
Any chance to get this fixed? I just got hit by this 5-year-old bug. :-/
If you consider it an XSS issue, please just change the MIME type (to text/plain or application/octet-stream) and get rid of the double escaping. A double-escaped HTML file is of no use to anyone.