Internal: Strip HTML tags and decode entities in not allowed message - refs BT#22701

christianbeeznest · christianbeeznest · commit 5acaeec3f2d1 · 2025-06-18T12:49:22.000-05:00
diff --git a/src/CoreBundle/Resources/views/Exception/not_allowed_message.html.twig b/src/CoreBundle/Resources/views/Exception/not_allowed_message.html.twig
@@ -12,7 +12,7 @@
         <div class="flex items-center gap-4 rounded-2xl p-6 {{ style.bg }} {{ style.txt }}/80 shadow text-bold">
             <i class="{{ style.icon }} text-4xl {{ style.txt }}"></i>
             <p class="font-extrabold text-xl {{ style.txt }}">
-                {{ message|trans }}
+                {{ message|trans|striptags|raw }}
             </p>
         </div>
     </div>
