Zend_Dojo_View_Helper_Editor was incorrectly decorating a TEXTAREA instead of
a DIV. The Dojo team has reported that this has security implications as the
rich text editor they use is unable to escape content for a TEXTAREA.
If you use
Zend_Dojo_View_Helper_Editor, it is strongly recommended that you
upgrade to either the latest available Zend Framework release, or one of the
following releases, immediately:
The Zend Framework team thanks the following for working with us to help protect its users:
Have you identified a security vulnerability?
Please report it to us at firstname.lastname@example.org