view roundup/cgi/PageTemplates/README.txt @ 4851:24b8011cd2dc
Fix XSS in issue2550817
Note that the code that triggers that particular bug is no longer in
roundup core. But the change to the templates we suggest is a *lot*
safer as it always escapes the error and ok messages now.
If you are upgrading: you *MUST* read doc/upgrading.txt and do the
necessary changes to your templates, the escaping now happens in the
template and not in the roundup code. So if you don't make the necessary
changes *you are vulnerable*.
| author | Ralf Schlatterbeck <rsc@runtux.com> |
|---|---|
| date | Fri, 20 Dec 2013 18:24:10 +0100 |
| parents | b9988e118055 |
| children |
See <a href="http://dev.zope.org/Wikis/DevSite/Projects/ZPT">the ZPT project Wiki</a> for more information about Page Templates, or <a href="http://www.zope.org/Members/4am/ZPT">the download page</a> for installation instructions and the most recent version of the software. This Product requires the TAL and ZTUtils packages to be installed in your Python path (not Products). See the links above for more information.
