Passbolt API version 1.6.4 and older are vulnerable to a XSS in the url field on the password workspaceReferenceshttps://www.passbolt.com/incidents/20170914_xss_on_resource_urlshttps://www.passbolt.com/release/notes#September
