Security announcements

MSA-14-0024: Cross-site scripting vulnerability in profile field