From 0878357e12d73ce2c309771f57abefd74e915745 Mon Sep 17 00:00:00 2001
From: awesomerobot <kris.aubuchon@discourse.org>
Date: Wed, 6 Dec 2023 09:52:11 -0500
Subject: [PATCH] UX: escape category title

---
 javascripts/discourse/initializers/category-icons.js | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/javascripts/discourse/initializers/category-icons.js b/javascripts/discourse/initializers/category-icons.js
index 863d4e9..6e90f4f 100644
--- a/javascripts/discourse/initializers/category-icons.js
+++ b/javascripts/discourse/initializers/category-icons.js
@@ -63,7 +63,9 @@ export default {
 
       function categoryIconsRenderer(category, opts) {
         let siteSettings = helperContext().siteSettings;
-        let descriptionText = get(category, "description_text");
+        let descriptionText = escapeExpression(
+          get(category, "description_text")
+        );
         let restricted = get(category, "read_restricted");
         let url = opts.url
           ? opts.url