Merge pull request #9 from spartez/fix-for-xss-script-injection-in-gr…

…oup-picker Fixed XSS vulnerability in group picker
spartez · Sep 15, 2020 · 17f4b36 · 17f4b36
2 parents 308597e + 8cc06a8
commit 17f4b36
Showing 1 changed file with 1 addition and 0 deletions.
diff --git a/src/components/GroupPicker.vue b/src/components/GroupPicker.vue
@@ -31,6 +31,7 @@
 
             queryGroups({term, callback}) {
                 this.$jira.getGroupsForPicker({query: term}).then(groupsResults => {
+                    groupsResults.groups.map(group => group.name = group.html)
                     callback({results: groupsResults.groups.map(group => this.mapGroupToGroupOption(group.name))});
                 })
             },