-
Issue #1580798 by greggles | Dave Reid: XSS vulnerability: format_username() needs to be check_plain()'d before output
-
Issue #1548168 by greggles: log additional data about the login like IP, user agent, and whether or not it was from a one-time login link (and a block)
-
Issue #1358612 by greggles | mgifford: Prevent granting permissions flagged as dangerous from being assigned to anonymous (and authenticated) users (parse error followup).
-
Issue #1358612 by greggles | mgifford: Prevent granting permissions flagged as dangerous from being assigned to anonymous (and authenticated) users.
-
(Issue
-
Issue #1547810: Mention security issues around 'administer conditional actions' in README.txt.
-
Issue #1546168 by greggles: remove execute php via vbo
-
Issue #1358612 by greggles: Prevent granting permissions flagged as dangerous from being assigned to anonymous (and authenticated?) users.
-
Issue #1536050 by rickmanelius, greggles: remove debug code
-
Issue #1512880 by greggles: Fixed a couple bugs in watchdog calls.