This release addresses a cross-site scripting (XSS) vulnerability. Due to this vulnerability, a user could inject arbitrary scripts into pages affecting other site users. This could result in administrative account compromise leading to web server process compromise. This vulnerability is mitigated by the fact that an attacker must have the necessary permissions to administer blocks. SA-CONTRIB-2012-032 - Block Class - Cross Site scripting
• Additionally, unnecessary backticks were removed from some queries: #667382: Remove backticks.