ACT offers no details for XSS attack detection

[Andrew Hollamon]

I am experiencing IE8 reporting a XSS attack on a credit card processing site
we have.

It appears to be a completely false positive error, as there is no XSS
scripting happening in any way.

However, I really need to be able to figure out WHY IE8 thinks there is an
XSS attack, so I can adjust it on the web pages.

Unfortunately, even after jumping through all the hoops necessary to extract
logs from IE8 (ACT, hotfix for vista sp1, reboot, etc), the ACT tool offers
exactly zero useful information.

This is all it provides:
---------------------------------------
MitigationCode: XSSFilterPageSanitize
UrlPath:
UrlZone:
FilteredUrl: https://somedomain/gateway/transact.dll
RefererUrl: http://someotherdomain/membership_application/new
----------------------------------------

How the heck are we supposed to get IE8 to provide useful information about
why it thinks there is an XSS attack.

I need actual javascript line numbers, what exact code was executed, etc.

Any advice or help would be very welcome, as this appears to be a black hole
to me at the moment, but I'm hoping I'm missing something thats not in the
documentation.