id,summary,reporter,owner,description,type,status,priority,milestone,component,version,resolution,keywords,cc 1231,"HTML.encodeTags() should not allow attributes in ""safe"" tags",Nicklas Nordborg,Nicklas Nordborg,"This can be security issue that opens up for scripting attacks since it is possible to add custom javascript this way. For example: {{{ Do NOT click here. }}}",defect,closed,major,BASE 2.9.3,web,,fixed,,