Changelog

2.2.7 (2014-04-15)

ID Title (GitHub Link)
#**ZF2014-03 ** Potential XSS vector in multiple view helpers due to inappropriate HTML attribute escaping. Many view helpers were using the `escapeHtml()` view helper in order to escape HTML attributes. This release patches them to use the `escapeHtmlAttr()` view helper in these situations. If you use form or navigation view helpers, or "HTML element" view helpers (such as `gravatar()`, `htmlFlash()`, `htmlPage()`, or `htmlQuicktime()`),