Description:

GS-10551 - The browser hint "autocomplete='off'" for the password field on the login page can now be set. To set this, you must set the Java system property 'com.livecluster.server.plugin.UserConfigurationPlugin.disablePasswordAutocomplete=true' in your startup script.

GS-10552 - A minor cross-site scripting vulnerability has been fixed. It does not exist in modern browsers, and only under atypical circumstances, such as using Internet Explorer 8 and setting the security level for the site to low. Also, it only applies to a request that does not have a session. It has been fixed primarily to avoid false positives on penetration tests.