Skip to content

Commit

Permalink
Merge pull request #1 from arjunshibu/master
Browse files Browse the repository at this point in the history 
Security fix for Cross-Site Scripting Vulnerability in frappe-charts
  • Loading branch information
@JamieSlome
JamieSlome authored Nov 16, 2020
2 parents 92a3df9 + d071573 commit 2fb0609
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion src/js/charts/AxisChart.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -110,7 +110,7 @@ export default class AxisChart extends BaseChart {
let values = d.values;
let cumulativeYs = d.cumulativeYs || [];
return {
name: d.name,
name: d.name.replace(/<|>|&/g, (char) => char == '&' ? '&amp;' : char == '<' ? '&lt;' : '&gt;'),
index: i,
chartType: d.chartType,

Expand Down

0 comments on commit 2fb0609

Please sign in to comment.