Release Notes: This release protects against some potential user-targeted XSS and scripting attacks. User CSS and JS customizations are now disabled by default as a precaution.
Release Notes: This releae fixes a cross-site scripting vulnerability discovered during code review.
Release Notes: This release contains a small fix for a potential HTTP injection / cross-site scripting vulnerability.
Release Notes: This release adds validity checks for uploaded images to protect against client-side vulnerabilities in Internet Explorer, such as cross-site scripting hacks and the "JPEG virus". A raw HTML inclusion option was added, to be used only in trusted environments. Various cosmetic bugs were also fixed.