Forum OpenACS Development: Re: XSS vulnerability in XoWiki and a lot of other OpenACS pages
Thank you very much for all your help on this matter. I'm first trying to apply the patch you've provided to see if it solves the problem. My feeling is that it solves the security issue. I had to destroy the test server database because XoWiki upgrade failed, and it's going to take sometime to test it again.
If it works, I'm not sure if the upgrade is worthy, because it's always very difficult to work with HEAD version. Do you have any kind of CVS tag for a stable (or at least close to stable) version for XoWiki?