[rules-dev] Drools JBRMS vulnerability to "JavaScript Hijacking" (or hopefully lack of thereof)