Hello!
I've spotted this a while ago(maybe from version 2.3) but never reported because I hoped it will be fixed on the next release...
NOTE: This will not be an issue if javascript is not enabled.
But not everyone has enough time to check every "Thank you! Great post!" comments especially when they have a huge visitor/commentator number so they will select the option "Comment author must have a previously approved comment".
To check this issue out:
Log in into your wp blog and submit this comment:
<script type="text/javascript">alert('bump');</script>
after the comment is submitted and the page reloads you'll see the alert window.
then go to your admin panel to edit/delete this comment; you'll see that when displaying the comments page that alert window is displayed once again.
Imagine 200 of this alerts now....
I really hope someone will fix this asap(by filtering any javascript input in comments).
