ChiliProject is not maintained anymore. Please be advised that there will be no more updates.
We do not recommend that you setup new ChiliProject instances and we urge all existing users to migrate their data to a maintained system, e.g. Redmine. We will provide a migration script later. In the meantime, you can use the instructions by Christian Daehn.
Revision 151b4cd4
ID: 151b4cd404ee439ad8e5cd8ced0a586811a19738
[#163] Add extra escape in mail_to's javascript. Rails CVE-2011-0446