Apache Allura 1.11.1 released
Apache Allura 1.11.1 has been released. It is mostly a bugfix release, with one new feature being infotips for username mentions.
To see all the bugs fixed and the upgrade instructions, check out the release changelog.
XSS vulnerability when adding another user to a project
Versions Affected: 1.11.0 and earlier
Users of Allura should upgrade to Allura 1.11.1