final update on changes file before release

author cash <cash.costello@gmail.com>

Tue, 12 Mar 2013 23:44:48 +0000 (19:44 -0400)

committer cash <cash.costello@gmail.com>

Tue, 12 Mar 2013 23:44:48 +0000 (19:44 -0400)
author cash <cash.costello@gmail.com>
Tue, 12 Mar 2013 23:44:48 +0000 (19:44 -0400)
committer cash <cash.costello@gmail.com>
Tue, 12 Mar 2013 23:44:48 +0000 (19:44 -0400)
diff --git a/CHANGES.txt b/CHANGES.txt

index 698fa9d61fd3f483a33013d75fb7ebd583c92222..797fb9c62ac44659a70b77ef33551eba4bbd101b 100644 (file)
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@ -16,6 +16,7 @@ Version 1.8.14
     * Steve Clay
  
    Security Fixes:
+   * Fixed a XSS vulnerability when accepting URLs on user profiles
     * Fixed bug that exposed subject lines of messages in inbox
     * Added requirement for CSRF token for login
author	cash <cash.costello@gmail.com>
	Tue, 12 Mar 2013 23:44:48 +0000 (19:44 -0400)
committer	cash <cash.costello@gmail.com>
	Tue, 12 Mar 2013 23:44:48 +0000 (19:44 -0400)