An XSS vulnerability has been discovered in the template of the login form of jauth. The fix is very simple: the eschtml modifier on the $login variable. You should correct that in your template if you have overrided this template.

New versions have been released for each branch: 1.0.14, 1.1.11, 1.2.5, 1.3RC2. For the last two version, other bugs have been fixed and contain few improvements.

You should upgrade your applications ;-)