From 9d1bac36ca7be94516635ef71eedfea6df1e77f4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20J=C3=A4ckle?= Date: Fri, 17 May 2024 17:05:07 +0200 Subject: [PATCH] sanitize an additional input which was still missing MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Thomas Jäckle --- ui/modules/utils.ts | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ui/modules/utils.ts b/ui/modules/utils.ts index 37a4dc1fde..fb592fd9c6 100644 --- a/ui/modules/utils.ts +++ b/ui/modules/utils.ts @@ -144,8 +144,8 @@ export function addDropDownEntries(target, items, isHeader = false) { items.forEach((value) => { const li = document.createElement('li'); li.innerHTML = isHeader ? - `` : - `${value}`; + `` : + `${sanitizeHTML(value)}`; target.appendChild(li); }); }