[OSM-dev] XSS Vulnerabilities

[Callum Noble]

Hi all,

I notice that the message sending section of the openstreetmap.org site 
is vulnerable to type 2 XSS attacks.

I mentioned this on IRC and someone said that there were other places on 
the site that this issue could be found.

I think that this is potentially quite serious. I don't know anything 
about rails to look at where this might be fixed but I was directed here 
to raise the point.

Let me know if any more info is needed,

Best Regards,
-- 
Callum