SA-CONTRIB-2009-073: remove XSS vulnerability in PF URLs list and unathorized access...