Bug #2338

closed

Username or password with single quotes and double quotes can not login

Added by beat almost 14 years ago. Updated over 13 years ago.

Status: Closed
Priority: Normal
Assignee:
Target version:
Start date: 20 February 2011
Due date:
% Done: 100%
Estimated time: 5:00 h

Description

As reported here by A.Ninja (thank you) with fix suggestion:
http://www.joomlapolis.com/forum/147-potential-bug/154758-login-fails-because-quoted-credentials

I edited comprofiler.php at line 1206+1207 and changed it to:


$username = trim( stripslashes( cbGetParam( $_POST, 'username', '' ) ) );
$passwd2  = trim( stripslashes( cbGetParam( $_POST, 'passwd', '', _CB_ALLOWRAW ) ) );

I recall that we needed the escapings to avoid a vulnerability in an older version of Joomla.
Before applying that fix we will need to review the use of those variables in each Joomla version.
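
An added illustration, not code from comprofiler.php or Joomla, of why slash-escaped credentials fail the login comparison, and why unescaping them is safe at the database only when the lookup binds the value instead of building SQL text from it. The getter `escaped_param`, the `login` function and the in-memory table are hypothetical, and the example assumes the request getter returns `addslashes`-style escaped strings.

```php
<?php
// Added illustration; all names and data here are hypothetical.

// Stand-in for a request getter that slash-escapes values (assumed behaviour).
function escaped_param(array $src, string $key): string {
    return addslashes($src[$key] ?? '');
}

// Look the user up with a bound parameter, so the raw username never becomes
// SQL text, then compare the submitted password against the stored hash.
function login(PDO $db, string $username, string $password): bool {
    $st = $db->prepare('SELECT pwhash FROM users WHERE username = ?');
    $st->execute([$username]);
    $hash = $st->fetchColumn();
    return $hash !== false && password_verify($password, $hash);
}

// Constructed sample data: one account whose credentials contain both quote types.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (username TEXT PRIMARY KEY, pwhash TEXT)');
$ins = $db->prepare('INSERT INTO users VALUES (?, ?)');
$ins->execute(["o'brien", password_hash('pa\'ss"word', PASSWORD_DEFAULT)]);

// Constructed form submission with the correct credentials.
$post = ['username' => "o'brien", 'passwd' => 'pa\'ss"word'];

// Escaped path: the lookup key and the string being hashed both carry added
// backslashes, so they differ from what was stored at registration.
$u = trim(escaped_param($post, 'username'));
$p = trim(escaped_param($post, 'passwd'));
var_dump(login($db, $u, $p));

// Unescaped path, as in the suggested fix: the original strings are compared.
var_dump(login($db, stripslashes($u), stripslashes($p)));
```

The review the description asks for amounts to checking that every later use of the unescaped values goes through binding or sink-specific quoting, as `login` does here.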
