Security announcements

MSA-12-0035: Cross-site scripting vulnerability in "download all"