Re: [aur-dev] [PATCH] Convert the language selection bar in a select form

On Wednesday 29 June 2011 23:19:11 Lukas Fleischer wrote:

Using '$_SERVER["PHP_SELF"]' without escaping quotes introduces a potential XSS vulnerability [1].

Thanks for the info.