Ampersand (&) Broken For Months
There are several questions about ampersands dating back to December, 2015. You can search the forums for "ampersand" to see them all. The cause of all of these issues (including display, searching, etc.) is that your website is changing the ampersand character (&) into its HTML escape value (&) immediately after someone types it in. This has the following effects:
1) Searching on a category that has an ampersand will not find results (e.g. "Gas & Fuel" does not match "Gas & Fuel").
2) Descriptions/Payees are not correct in the display (e.g. "Bed Bath & Beyond").
This has nothing to do with browsers, browser versions, or cache. It was a change made to the code sometime in late November or early December 2015, and is coming from the server side.
This is a huge pain and such an easy thing to fix. I find it funny that Mint engineers targeted the ampersand character since the escape character also has the ampersand in it (& becomes &). I can think of no reason that you would need to do this - it has no impact on site security.
Users have already submitted support tickets to Mint, and have also pinged @MintCares on Twitter. No result. There are workarounds to search submitted by Mint users that involve manipulating the URL in the address bar, but this does not solve the problem of new categories or descriptions being saved incorrectly. Here is the link to all of the other related questions, and posts to Twitter:
Hoping for a real response from Mint, but not hopeful.
Starting on line 9708 in library.js:
Only the ampersand character is being encoded due to the /\&/g pattern. None of these other values (<, >, etc.) are being evaluated.
Suggested fix - just get rid of this entire stack. Not needed. The unescape is never called, and only the & is going through the routine. A quick fix: