Bug 924802: (CVE-2013-1742) [SECURITY] (XSS) "id" and "sortkey" are not sanitized when editing flag types if categoryAction-foo is set
r=dkl a=glob