From d07157354dd1d887d5afb615ae568f1cd8d412cf Mon Sep 17 00:00:00 2001
From: Arjun Shibu <arjunshibu1999@gmail.com>
Date: Wed, 11 Nov 2020 11:36:59 +0530
Subject: [PATCH] added XSS protection for datasets.name field

---
 src/js/charts/AxisChart.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/js/charts/AxisChart.js b/src/js/charts/AxisChart.js
index 5e91fa8..f9182fa 100644
--- a/src/js/charts/AxisChart.js
+++ b/src/js/charts/AxisChart.js
@@ -110,7 +110,7 @@ export default class AxisChart extends BaseChart {
 			let values = d.values;
 			let cumulativeYs = d.cumulativeYs || [];
 			return {
-				name: d.name,
+				name: d.name.replace(/<|>|&/g, (char) => char == '&' ? '&amp;' : char == '<' ? '&lt;' : '&gt;'),
 				index: i,
 				chartType: d.chartType,