Can this vulnerability be exploited using the HTML help ActiveX control ? I am trying: MyWindow">value="http://www.xfocus.net/flashsky/icoExp/search.hlp">MyWindow" > However, i get an error "This operation is allowed only within HTML help" ? Is this approach wrong ?