3 files changed, 15 insertions, 1 deletions

diff --git a/app/assets/javascripts/ide/components/commit_sidebar/actions.vue b/app/assets/javascripts/ide/components/commit_sidebar/actions.vue
index eb7cb9745ec..a8b5c7a16d0 100644
--- a/app/assets/javascripts/ide/components/commit_sidebar/actions.vue
+++ b/app/assets/javascripts/ide/components/commit_sidebar/actions.vue
@@ -1,4 +1,5 @@
 <script>
+import _ from 'underscore';
 import { mapActions, mapState, mapGetters } from 'vuex';
 import { sprintf, __ } from '~/locale';
 import * as consts from '../../stores/modules/commit/constants';
@@ -14,7 +15,7 @@ export default {
     commitToCurrentBranchText() {
       return sprintf(
         __('Commit to %{branchName} branch'),
-        { branchName: `<strong class="monospace">${this.currentBranchId}</strong>` },
+        { branchName: `<strong class="monospace">${_.escape(this.currentBranchId)}</strong>` },
         false,
       );
     },
diff --git a/changelogs/unreleased/security-ide-branch-name-xss.yml b/changelogs/unreleased/security-ide-branch-name-xss.yml
new file mode 100644
index 00000000000..51742ffa4e9
--- /dev/null
+++ b/changelogs/unreleased/security-ide-branch-name-xss.yml
@@ -0,0 +1,5 @@
+---
+title: Fixed XSS in branch name in Web IDE
+merge_request:
+author:
+type: security
diff --git a/spec/javascripts/ide/components/commit_sidebar/actions_spec.js b/spec/javascripts/ide/components/commit_sidebar/actions_spec.js
index 27f10caccb1..3a5d6c8a90b 100644
--- a/spec/javascripts/ide/components/commit_sidebar/actions_spec.js
+++ b/spec/javascripts/ide/components/commit_sidebar/actions_spec.js
@@ -46,4 +46,12 @@ describe('IDE commit sidebar actions', () => {
       done();
     });
   });
+
+  describe('commitToCurrentBranchText', () => {
+    it('escapes current branch', () => {
+      vm.$store.state.currentBranchId = '<img src="x" />';
+
+      expect(vm.commitToCurrentBranchText).not.toContain('<img src="x" />');
+    });
+  });
 });