Re my "SecurityID doesn't match, possible CRSF attack" post of 10/28:
Some sleuthing revealed that this problem appeared in revision 223 of DOM. Tthe constructor of DataObjectManager_Popup (in DataObjectManager.php) contains an if statement that determines whether or not a number of Requirements should be set. In revision 222, the if statement used the following expression:
$this->controller->hasNested
In revision 223, this changed to:
$this->hasNestedDOM()
There is something about hasNestedDom()'s call to $this->Fields() that causes this error.
Got to run for an appointment...when I have time, hopefully I can dig more on this problem.