masquerade is the predecessor of masq: https://github.com/dennisreimann/masq - please consider using masq from now on, as it is the more modular approach.
the render_openid_error in server_controller.rb is vulnerable to (reflected) xss injection. this is easy fixable by escaping everything which get echoed to the user.
the render_openid_error in server_controller.rb is vulnerable to (reflected) xss injection. this is easy fixable by escaping everything which get echoed to the user.