Hello, I identified the following issues in WebCit:
* XSS at https://rpi.yvanj.me/do_template?template=iconbar_user
* Secure (if on SSL) and HTTPOnly flag not set on the session ID cookie
How can I submit a patch for this?
cab0lt
