The only thing that a Web site can do with this is read selected files from a users machine if they know the name of the file.
The Microsoft Internet Explorer security model allows a Web site to run any script or program that it trusts. The program exposes some fairly powerful functionality that allows a hostile Web site to glean information from a user's machine.
The real problem is Netscape Communicator taking a powerful script and putting it out on your computer in a locale where any Web site can find it out and run it.