About 3 weeks ago I was posting something to posterous and noticed that there was something weird at the top of the page.

Inspecting, playing around and such I figured out and inserted JS into the post, doing an alert() when the page loaded. http://i.imgur.com/pL8W2.png

From what I know, and what I have read this is an XSS, Im not completely sure of which length of script could I execute but I think it could be enough to load a script from another page, and then do the malicious stuff.

I contacted Posterous through their Feedback form about 3 or 4 weeks ago, and I havent received an answer. Since the post still shows the alert and its not fixed they may have not read the mail or discarded it...

Can anybody confirm that this is dangerous?