From 1dfcdd14edf4d1b6c6e0c2dbc958e6b8dca2e964 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C3=98ystein=20Myhre?=
 <71138449+gruble@users.noreply.github.com>
Date: Wed, 11 Feb 2026 09:02:46 +0100
Subject: [PATCH] Potential fix for code scanning alert no. 5: Unsafe jQuery
 plugin

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
---
 .../wwwroot/lib/jquery-validation/dist/jquery.validate.js  | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/SnowProfileScanner/wwwroot/lib/jquery-validation/dist/jquery.validate.js b/SnowProfileScanner/wwwroot/lib/jquery-validation/dist/jquery.validate.js
index 12674b0..6f8edaf 100644
--- a/SnowProfileScanner/wwwroot/lib/jquery-validation/dist/jquery.validate.js
+++ b/SnowProfileScanner/wwwroot/lib/jquery-validation/dist/jquery.validate.js
@@ -1043,6 +1043,13 @@ $.extend( $.validator, {
 				element = this.findByName( element.name );
 			}
 
+			// Normalize to a single DOM element. This prevents accidental
+			// interpretation of arbitrary strings as HTML by jQuery.
+			element = this.clean( element );
+			if ( !element ) {
+				return element;
+			}
+
 			// Always apply ignore filter
 			return $( element ).not( this.settings.ignore )[ 0 ];
 		},