From c2fccdc3985ed653f5492c250dd2001f0671ddb0 Mon Sep 17 00:00:00 2001
From: c5254061
Date: Wed, 18 Apr 2018 11:05:21 +0300
Subject: [PATCH] Fix xss vulnerability(escape html in item label)
---
 src/scripts/src/components/input.js | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/scripts/src/components/input.js b/src/scripts/src/components/input.js
index 4a40eb1..f8e9251 100644
--- a/src/scripts/src/components/input.js
+++ b/src/scripts/src/components/input.js
@@ -1,4 +1,4 @@
-import { getWidthOfInput } from '../lib/utils';
+import { getWidthOfInput, stripHTML } from '../lib/utils';
 export default class Input {
 constructor(instance, element, classNames) {
@@ -145,7 +145,7 @@ export default class Input {
 }
 getValue() {
- return this.element.value;
+ return stripHTML(this.element.value);
 }
 setActiveDescendant(activeDescendantID) {
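Review bot: In the second hunk, `getValue()` now sanitises where the value is read rather than where the label is written into the DOM, so the fix covers only values that reach the renderer through this method. Labels arriving by other paths (preset items, programmatic adds) are not visibly covered here, and every other caller of `getValue()`, presumably search and width measurement, now receives altered text instead of what the user typed. `stripHTML` lives in `../lib/utils` outside this diff, so whether it escapes or removes markup cannot be confirmed from the hunk; if it escapes, a later escape at render time would double-encode `&`. I would keep `getValue()` returning the raw value and apply the escaping in the template that emits the label, or at minimum document the contract with `// Returns the HTML-escaped value; callers must not escape again`. The `Input` class continues outside both hunks.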