Marcus Krause schrieb: > If someone highjacked an admin accound via XSS, admin is someone else > not the person that you intended to be admin! ok then of course it makes sense! georg