K2,2.7.0,XSS (Cross Site Scripting)

resolution: update to 2.7.1

update notice url: https://getk2.org/blog/2571-k2-v271-released

Note that the VEL do not agree with the developer's assessment that XSS vulnerability is low priority

.