We recently ran a Nessus vulnerability scan against our server that hosts a local installation of Galaxy. The scan report showed that the web application is vulnerable to XSS and HTML injection attacks. In order to determine if/when these vulnerabilities will be fixed, where should I either send or post the scan results?

 

-Rohit