Escape HTML in js-generated confirmation messages
[security] Fixed XSS in Inline Edit on save action
Avoid loading themes from non directories, . and ..
Update translations from master
Merge remote-tracking branch 'origin/MAINT_3_4_4' into QA_3_4
Sanitize filenames (in a unified manner) before using in Content-Disp…
ChangeLog and 3.4.4 XSS fix
Merge branch 'MAINT_3_4_4' into QA_3_4
bug #3392920  BLOB emptied after editing another column
Do not escape field here, it is used as index to vairous arrays
Revert "Revert "More of missing escaping""
This reverts commit 414363d.
Okay, it needs to be escaped here, but not escaped above.
Revert "More of missing escaping"
This reverts commit 599c9b5.
More of missing escaping
Slightly far fetched XSS prevention
Escape displayed user input
This is already done
Merge remote-tracking branch 'origin/MAINT_3_4_3' into QA_3_4
remove another mention of Excel export
Remove library PHPExcel, due to license issues
Remove native Excel exportand import modules (xls and xlsx formats)
Sanitize filenames before using in Content-Disposition header
remove extraneous ?
Documentation about suhosin.get.max_value_length limitation
XSS with IE <= 8.x (semicolon and attachment headers
Add missing space (bug#3386434)
Translations from master