Commit dc2be10a authored by alexpott's avatar alexpott

Issue #2567673 by joelpittet: Escaped markup with $.text() injected into a tag will cause XSS

parent df7ced55
......@@ -291,7 +291,7 @@
Drupal.viewsUi.AddItemForm.prototype.handleCheck = function (event) {
var $target = $(;
var label = $.trim($;
var label = $.trim($;
// Add/remove the checked item to the list.
if ($':checked')) {
this.$'display', 'block');
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment