I am always amused when I take a personality test. I find it easy to discern the reasoning behind the questions and more often than not I disagree with the wording of specific questions. Just today, I found an interesting test with some funky sliders and graphs at personaldna.com, and the results are in:

And there you have it, I am a very manly and functional Benevolent Leader with low Authoritarianism. You can hover over those individual color bars for an explanation of each.

Coincidentally, I am not a big fan of having Benevolent Leader turned into a link that points at personaldna.com as I have already been kind enough to link their way. So how do we remove this link but retain the hover functionality? If you’re curious, the script code for embedding the above color bar is:

<script src="http://personaldna.com/h/?k=ajbecRqMlZIdRcZ-OO-AAAAA-b077&t=Benevolent+Leader">
</script>

The t parameter is not validated, which opens an XSS vulnerability on personaldna.com. If you specify t=Benevolent+Leader',true);alert(location)// you are overwriting their script logic. If you specify t=</a>Benevolent+Leader you are injecting HTML. A properly URL-encoded parameter would be t=%3C/a%3EBenevolent+Leader.
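
How the server side could encode t for both contexts described above, as an added example that is not code from this post or from personaldna.com. It assumes the generated script has the form renderBar('<t>',true); where renderBar is a hypothetical name for a function that writes its first argument into the page as HTML.

```javascript
// Added example. ASSUMPTION: the server builds a script of the form
// renderBar('<t>',true); and renderBar (hypothetical name) writes its first
// argument into the page as HTML. The real personaldna.com code is not shown.
function buildScriptUnsafe(t) {
  return "renderBar('" + t + "',true);";
}

// HTML context: neutralise markup such as the </a> value.
function htmlEscape(s) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}

// JavaScript string context: JSON.stringify quotes and escapes the value; the
// extra replacements keep "</script>" and U+2028/U+2029 out of the response.
function jsStringLiteral(s) {
  return JSON.stringify(String(s)).replace(
    /[<>&'\u2028\u2029]/g,
    (c) => "\\u" + c.charCodeAt(0).toString(16).padStart(4, "0")
  );
}

// Encode for the inner context (HTML) first, then the outer one (JS string).
function buildScriptSafe(t) {
  return "renderBar(" + jsStringLiteral(htmlEscape(t)) + ",true);";
}

// Run a generated script against stubs and record what it actually did.
function run(script) {
  const seen = { titles: [], alerts: 0 };
  const renderBar = (title) => seen.titles.push(title);
  const alert = () => { seen.alerts += 1; };
  new Function("renderBar", "alert", "location", script)(renderBar, alert, "stub");
  return seen;
}

// The two t values from the post, URL-decoded (+ becomes a space).
const samples = ["Benevolent Leader',true);alert(location)//", "</a>Benevolent Leader"];
for (const t of samples) {
  console.log(run(buildScriptUnsafe(t)), run(buildScriptSafe(t)));
}
```

With the unsafe builder the first value ends the string early and its trailing code runs; with the safe builder both values arrive at renderBar as inert, HTML-escaped text.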

So there you have it, the same colored bar but without a link on the text portion :)