Fix potential XSS in _ariaSay().
If the "text" version of an AutoComplete result actually contains HTML characters (e.g. "<b>foo</b>"), it would be inserted into the ARIA live region as HTML rather than as text. An attacker with the ability to influence the content of results could leverage this to carry out an XSS attack.
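The commit message above describes the two insertion paths that make the difference: result text fed to the HTML parser versus result text inserted as a text node. The following JavaScript is an added example, not the project's `_ariaSay()` or any code from this commit; it assumes an AutoComplete result object of the shape `{ text: string }` and a live-region element exposing `innerHTML` and `textContent` (a real DOM element in a browser, a plain object in the offline demo at the bottom).

```javascript
// Added example (not the project's own code): the markup-vs-text-node
// distinction behind the _ariaSay() fix described in the commit message.
// Assumed shape of an AutoComplete result: { text: string }.
// The live-region element is any object exposing innerHTML/textContent
// (a real DOM element in a browser, a plain object in the offline demo).

// Escape the five characters that change meaning when a string is spliced
// into an HTML context. Use this only when an HTML string must be built;
// prefer a text node (ariaSaySafe) whenever the insertion point is yours.
function escapeHtml(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}

// Vulnerable pattern: result text is handed to the HTML parser, so
// "<b>foo</b>" becomes a <b> element and an attacker-influenced
// "<img src=x onerror=...>" executes script in the page.
function ariaSayUnsafe(region, result) {
  region.innerHTML = result.text;
}

// Fixed pattern: the same string is assigned as text. The browser never
// parses it, "<b>foo</b>" is rendered literally, and the screen reader
// announces it as plain text.
function ariaSaySafe(region, result) {
  region.textContent = result.text;   // no HTML parsing on this path
}

// Variant for code that assembles an HTML string anyway (for example a
// template that wraps the announcement): escape before concatenating.
function ariaLiveHtml(result) {
  return '<span aria-live="polite">' + escapeHtml(result.text) + '</span>';
}

// Offline demonstration with a plain object standing in for the DOM node
// and a constructed hostile result (hypothetical input, not from the page).
const hostile = { text: '<img src=x onerror="alert(1)">' };
const region = {};
ariaSaySafe(region, hostile);
// region.textContent now holds the literal string; region.innerHTML is untouched.
console.log(region.textContent);
console.log(ariaLiveHtml(hostile));
```

The safe path deliberately does no escaping: `textContent` assignment bypasses the parser entirely, so there is nothing to escape and no encoding to get wrong. `escapeHtml` exists only for callers that must produce markup, and it must be applied at the point of concatenation, not earlier, since an already-escaped string that is later passed through `innerHTML` is rendered correctly while the same string passed to `textContent` is announced with the entity names spoken aloud.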
Showing with 19 additions and 1 deletion.