Users with the Item/Configure permission could potentially create a malicious cluster operation with parameters by having a malicious name or description, as these values are not escaped when rendered.
New features
None.
Feature enhancements
None.
Resolved issues
Internal changes to streamline development. Not user visible. (BEE-15914)