Share 'XSS: Ning.com Persistent XSS'

Just a notice, as this will probably be fixed in a short amount of time - I can add persistent XSS to the group page. I first noticed this yesterday when I was fooling around with URL XSS attempts, and then followed up with form injections. The hole is in the group "url" field, and is easily exploited, although I haven't tested for form length (I assume there is no limitation, if so then a simple…