XSS attack possible using html.

[vixtordev]

I pasted some HTML code into the minecraft chat, and I did a command with it, and JPanel treats it like html.

Example:

Steps to reproduce:

1. Paste an html element into chat or run it as a command
2. Just wait for it to pop up in the console

The reason this is lethal is because hackers can paste in java script code to force the console to execute a command.