Security update

A XSS vulnerability is fixed in this release. See SA-CONTRIB-2015-015 - Term Merge - Cross Site Scripting (XSS)

SA-CONTRIB-2015-017 - Room Reservations - Cross Site Scripting (XSS)

also includes everything in -dev not previously captured in 1.0 rel; this includes numerous feature additions and bug fixes.

Addresses XSS and CSRF vulnerabilities. For more information see SA-CONTRIB-2015-014 - Wishlist - Multiple vulnerabilities

Addresses XSS and CSRF vulnerabilities. For more information see SA-CONTRIB-2015-014 - Wishlist - Multiple vulnerabilities

Security: fixed a cross-site-scripting vulnerability for users with "administer homebox" permission.

See DRUPAL-SA-CONTRIB-2015-077 - OG tabs - Cross Site Scripting (XSS)