We just released a change (patches are attached to this email) for security vulnerabilities. See the attachments for a patch for the current release and for open-release/juniper.master.
Affected repo: edx-platform
Without this patch, it is possible that a lot of files might be vulnerable to cross-site scripting (XSS).
This security patch uses code that escapes these vulnerabilities and fixes the xsslint issues for these files.
We advise you to patch your instances as soon as possible. We have merged the fix to our public repo.
If you have any questions, feel free to reach out to me.
edX Sustaining Mavericks
my_change.patch (46.0 KB)