From: cash <cash.costello@gmail.com>
Date: Tue, 12 Mar 2013 23:44:48 +0000 (-0400)
Subject: final update on changes file before release
X-Git-Url: https://gitweb.fluxo.info/?a=commitdiff_plain;h=34b14b305f5a106316fdc403c4ce80b25e89b51d;p=lorea%2Felgg.git

final update on changes file before release
---

diff --git a/CHANGES.txt b/CHANGES.txt
index 698fa9d61..797fb9c62 100644
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@ -16,6 +16,7 @@ Version 1.8.14
    * Steve Clay
 
   Security Fixes:
+   * Fixed a XSS vulnerability when accepting URLs on user profiles
    * Fixed bug that exposed subject lines of messages in inbox
    * Added requirement for CSRF token for login