ID: 6423
Title: Fixed possible XSS in views with some filters
Component: Multisite
Level: 1
Class: Bug fix
Version: 1.6.0i1
It was possible to inject some specific HTML tags (like the a-tag)
into the title of views which could be used to make users click on
it to execute some arbitrary javascript code.
Show replies by date