1 Title: Fixed stored XSS using alert handler config
11 A user with permission to the alert handler administration could use an alert rule to
12 store arbitrary javascript code which would then be executed in the context of the browser
13 of another user with permission to the alert handler administration when viewing the list