id,summary,reporter,owner,description,type,status,priority,milestone,version,resolution,keywords,cc 30,Security review (ongoing),Kris Deugau,,"XSS/input validation: Reading back on VegaDNS' history I poked into the CVE issues reported with VegaDNS 0.9.9.1 and 1.1.4. I realized the same message-reporting vulnerability would bite here. Access scoping: Check to make sure a user can't access any entity outside of their group tree",task,new,major,,,,,