[est]

looks like E4X, which security is a problem

http://sla.ckers.org/forum/read.php?2,20408

Any code mix operation & data is dangerous. That's all how overflow exp, injection and XSS works