should be fixed, also deleted the xss posts from the db
some people found out how to xss while I was asleep wtf