We all love the target=”_blank” code, which makes links open in a new window. The problem is that once the new window (window.opener) is opened, the new page can have access to the original window, allowing a spoofed URL or redirect.
Scary, right? Someone can post a link on your forum or in the comments of your blog and go to town. In the meantime, be careful of your clicks.