From 2967b3c1bb5608b04bfcbe72f942094fe3877116 Mon Sep 17 00:00:00 2001
From: Sidharth Vinod <sidharthv96@gmail.com>
Date: Mon, 21 Aug 2023 14:25:25 +0530
Subject: [PATCH] fix: XSS vulnerability

---
 packages/mermaid/src/utils.ts | 1 +
 1 file changed, 1 insertion(+)

diff --git a/packages/mermaid/src/utils.ts b/packages/mermaid/src/utils.ts
index cae3d5bfe..4f9cedebd 100644
--- a/packages/mermaid/src/utils.ts
+++ b/packages/mermaid/src/utils.ts
@@ -105,6 +105,7 @@ export const detectInit = function (
 
   if (Array.isArray(inits)) {
     const args = inits.map((init) => init.args);
+    sanitizeDirective(args);
     results = assignWithDepth(results, [...args]);
   } else {
     results = inits.args;