for the record, the author found one issues (single quotes in attributes where not being escaped in attributes) he reported it to us and was fixed in 1.80.1. That is what the two red boxes refer to.
On May 4, 6:13 pm, ADE <[email protected]> wrote: > Here is some info on web2py security a friend of mine pointed out to me > > http://www.pythonsecurity.org/wiki/web2py/ > > *cheers
