Escape render option and item

Author: WebMamba

src/Autocomplete/assets/dist/controller.js

@@ -344,8 +344,8 @@ _default_1_instances = new WeakSet(), _default_1_getCommonConfig = function _def
         optgroupField: 'group_by',
         score: (search) => (item) => 1,
         render: {
-            option: (item) => `<div>${item[labelField]}</div>`,
-            item: (item) => `<div>${item[labelField]}</div>`,
+            option: (item, escapeData) => `<div>${escapeData(item[labelField])}</div>`,
+            item: (item, escapeData) => `<div>${escapeData(item[labelField])}</div>`,
             loading_more: () => {
                 return `<div class="loading-more-results">${this.loadingMoreTextValue}</div>`;
             },

src/Autocomplete/assets/src/controller.ts

@@ -296,8 +296,8 @@ export default class extends Controller {
             // avoid extra filtering after results are returned
             score: (search: string) => (item: any) => 1,
             render: {
-                option: (item: any) => `<div>${item[labelField]}</div>`,
-                item: (item: any) => `<div>${item[labelField]}</div>`,
+                option: (item: any, escapeData: typeof escape_html) => `<div>${escapeData(item[labelField])}</div>`,
+                item: (item: any, escapeData: typeof escape_html) => `<div>${escapeData(item[labelField])}</div>`,
                 loading_more: (): string => {
                     return `<div class="loading-more-results">${this.loadingMoreTextValue}</div>`;
                 },