All tested versions of Microsoft Internet Explorer (IE5+); prior versions may be vulnerable as well. Note that any other application that uses Internet Explorer's engine (WebBrowser control) is affected as well (Outlook, MSN Explorer, etc.). Back in 1997, when Internet Explorer 4 was first released, XML was just starting to become popular. The popularity of XML prompted Microsoft to devise the early prototype of XML data-islands, using the element in conjunction with the "language" attribute set to "XML". Enjoy!