2 Nov 2006, 9:24 p.m.
User: dww
Branch: DRUPAL-4-7--2
Date: Thu, 02 Nov 2006 20:24:15 +0000
Modified files: /modules/project/release project_release.module
Log message: #83339 (patch from comment 60): fixing potential privilege escalation issue where someone with "administer taxonomy" permissions could XSS the site by creating a malicious taxonomy term in the API compatibility vocabulary (also a problem on sites that are crazy enough to make this a free-tagging taxonomy). this commit adds check_plain() where needed.
Links: http://cvs.drupal.org/diff.php?path=contributions/modules/project/release/pr...
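
The class of fix the log message describes, as an added example that is not the project's code or the committed patch: a taxonomy term name written into markup as-is, next to the same output with check_plain() applied. The render functions, the sample terms and the check_plain() stand-in (defined only so the snippet runs outside Drupal) are assumptions made for illustration.

```php
<?php
// Stand-in for Drupal's check_plain(), which HTML-escapes text for output.
// Assumption: defined here only so the example runs without Drupal loaded.
if (!function_exists('check_plain')) {
  function check_plain($text) {
    return htmlspecialchars($text, ENT_QUOTES, 'UTF-8');
  }
}

// Constructed sample terms for a vocabulary. The second name is the kind of
// value a user with "administer taxonomy" permission could save as a term.
$terms = array(
  (object) array('tid' => 1, 'name' => '4.7.x'),
  (object) array('tid' => 2, 'name' => '<script>alert("xss")</script>'),
);

// Before (hypothetical function): the stored term name goes into the page
// unescaped, so any markup in it is parsed by every visitor's browser.
function example_render_terms_unescaped($terms) {
  $items = '';
  foreach ($terms as $term) {
    $items .= '<li id="term-' . $term->tid . '">' . $term->name . "</li>\n";
  }
  return "<ul>\n" . $items . "</ul>\n";
}

// After (hypothetical function): each term name passes through check_plain()
// at output time, so it is displayed as text and never parsed as markup.
function example_render_terms_escaped($terms) {
  $items = '';
  foreach ($terms as $term) {
    $items .= '<li id="term-' . (int) $term->tid . '">' . check_plain($term->name) . "</li>\n";
  }
  return "<ul>\n" . $items . "</ul>\n";
}

echo "Unescaped output:\n" . example_render_terms_unescaped($terms) . "\n";
echo "Escaped output:\n" . example_render_terms_escaped($terms);
```

Escaping happens where the name is written into HTML, not where the term is saved, so terms already stored before the change are covered as well.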