Not sure if $taboo was getting sanitized or not. Possibly an SQL injection vulnerability that allows maliciously crafted group names to inject SQL at a later date when the group CP is loaded. Unconfirmed, theoretical fix.

     1

.panel_wrapper div.current {

     2

	height: 290px;

     3

}

     4

     5

#id, #style, #title, #dir, #hreflang, #lang, #classlist, #tabindex, #accesskey {

     6

	width: 200px;

     7

}

     8

     9

#events_panel input {

    10

	width: 200px;

    11

}