In testing our servers for security vulnerabilities, we've detected some cross site scripting and SQL injection problem on our Galaxy server. Is that something that should be reported as a bug/problem? I did search the Trello board but didn't find any open security related items.

Thanks!
--