Hi there! I just saw the message sorry for the delay. I'm one of the developers of Evilgrade, the itunes module execute a xss in the updater if you click in the item a browser have to be executed...