CVE-2008-2168

[Nick Gearls]

> Cross-site scripting (XSS) vulnerability when displaying the 403 
Forbidden error page
I can't find any info about this issue on the site.
I guess this could also touch some other error numbers (404, ...).
Any patch to fix this ?

Btw, is there a way to be notified about security issues ?
Couldn't we add a RSS flux to the security page ?

Thanks,

Nick