From d289457c0c2a8353a5995a8ac285788d9809faf0 Mon Sep 17 00:00:00 2001
From: Stephen Abello <stephen.abello@combodo.com>
Date: Thu, 2 Dec 2021 09:39:10 +0100
Subject: [PATCH] =?UTF-8?q?N=C2=B04495=20Security=20hardening?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 js/search/search_form_criteria_enum.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/js/search/search_form_criteria_enum.js b/js/search/search_form_criteria_enum.js
index be741ca25c..9a8ecadd4d 100644
--- a/js/search/search_form_criteria_enum.js
+++ b/js/search/search_form_criteria_enum.js
@@ -916,7 +916,7 @@ $(function()
 		// - Make a jQuery element for a list item
 		_makeListItemElement: function(sLabel, sValue, bInitChecked, bInitHidden)
 		{
-			var sEscapedLabel = sLabel; // Note: We don't escape this anymore as there is an issue with AttributeExternalKey being already escaped. This will be put back in iTop 2.7 with the AttributeDefinition::GetAllowedValues() refactoring. $('<div />').text(sLabel).html();
+			var sEscapedLabel = $('<div />').text(sLabel).html();
 			var oItemElem = $('<div></div>')
 				.addClass('sfc_opc_mc_item')
 				.attr('data-value-code', sValue)