From bcad4bcb5f5a9ef079b2883a48a698b35261e083 Mon Sep 17 00:00:00 2001
From: Johann-S <johann.servoire@gmail.com>
Date: Fri, 25 Aug 2017 21:54:49 +0200
Subject: Fix XSS in data-target

---
 js/src/util.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'js/src')

diff --git a/js/src/util.js b/js/src/util.js
index 69fb8283c..cd3f1fb6a 100644
--- a/js/src/util.js
+++ b/js/src/util.js
@@ -117,7 +117,7 @@ const Util = (($) => {
       }
 
       try {
-        const $selector = $(selector)
+        const $selector = $(document).find(selector)
         return $selector.length > 0 ? selector : null
       } catch (error) {
         return null
-- 
cgit v1.2.3