From f2854408cce7e4b7fc6bf8676761904af9c96bde Mon Sep 17 00:00:00 2001
From: Scott González <scott.gonzalez@gmail.com>
Date: Tue, 27 Nov 2012 11:21:33 -0500
Subject: Tooltip: Escape the title attribute so that it's treated as text and
 not HTML. Fixes #8861 - Tooltip: XSS vulnerability in default content.

---
 demos/autocomplete/combobox.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'demos/autocomplete')

diff --git a/demos/autocomplete/combobox.html b/demos/autocomplete/combobox.html
index 8c6f59fc1..6229d47b2 100644
--- a/demos/autocomplete/combobox.html
+++ b/demos/autocomplete/combobox.html
@@ -61,7 +61,7 @@
 						// remove invalid value, as it didn't match anything
 						$( element )
 							.val( "" )
-							.attr( "title", $( "<a>" ).text( value ).html() + " didn't match any item" )
+							.attr( "title", value + " didn't match any item" )
 							.tooltip( "open" );
 						select.val( "" );
 						setTimeout(function() {
-- 
cgit v1.2.3