commit 7010ea90e14305837a30764db8a5e4bc1338e378
author aribeiro <anderson.ribeiro@est.tech> Mon Feb 15 17:24:11 2021 +0000
committer Christophe Closset <christophe.closset@intl.att.com> Tue Mar 16 13:27:37 2021 +0000
tree 31a674fad95261e123e1cd2348f24c11f51373c4
parent 77680c6f9d99adcf5c6a97380043f1d86b0d46fa

Fix Security Vulnerabilities

Issue-ID: SDC-3500
Signed-off-by: aribeiro <anderson.ribeiro@est.tech>
Change-Id: I3fa2ed2bc3a170d8256fbc91c98bbfbaf5c0a403

catalog-ui/src/app/utils/validation-utils.ts

diff --git a/catalog-ui/src/app/utils/validation-utils.ts b/catalog-ui/src/app/utils/validation-utils.ts
index b7e43f7..bcb49d8 100644
--- a/catalog-ui/src/app/utils/validation-utils.ts
+++ b/catalog-ui/src/app/utils/validation-utils.ts
@@ -64,7 +64,10 @@
         if (!text) {
             return null;
         }
-        return text.replace(/\s+/g, ' ').replace(/%[A-Fa-f0-9]{2}/g, '').trim();
+        return text.replace(/\s+/g, ' ').replace(/%[A-Fa-f0-9]{2}/g, '')
+        .replace(/&/g, "&").replace(/>/g, ">")
+        .replace(/</g, "&lt;").replace(/"/g, "&quot;")
+        .replace(/'/g, "&apos;").trim();
     }
 
     public getValidationPattern = (validationType:string, parameterType?:string):RegExp => {