From cc61edfa8af7b5ec9d4888c59bf94377e499b78b Mon Sep 17 00:00:00 2001
From: Johann-S <johann.servoire@gmail.com>
Date: Wed, 30 May 2018 09:50:13 +0200
Subject: [PATCH] fix(scrollspy): xss in target option

---
 js/src/scrollspy.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/js/src/scrollspy.js b/js/src/scrollspy.js
index 091b320bd9..90905b05dd 100644
--- a/js/src/scrollspy.js
+++ b/js/src/scrollspy.js
@@ -115,7 +115,7 @@ const ScrollSpy = (($) => {
 
       this._scrollHeight = this._getScrollHeight()
 
-      const targets = $.makeArray($(this._selector))
+      const targets = $.makeArray(document.querySelectorAll(this._selector))
 
       targets
         .map((element) => {
-- 
2.47.2