Patch for xss and csrf vulnerabilities

Some vulnerabilities regarding xss and csrf have been fixed in this release.