Tue, 12 Jul 2011 22:21:08 -0400 | Dan Fuhry | SECURITY: CSRF protection in Private Messaging, which is a really broken feature and should get the TinyMCE treatment. *sigh* Reported by Secunia. | changeset | files |
Tue, 12 Jul 2011 22:15:18 -0400 | Dan Fuhry | SECURITY: Fixed XSS in post-login page redirection. Reported by Secunia. | changeset | files |