fix(SECURITY): 🐛 🔒️ sanitize search result descriptions in old search module

SomeMWDev · alistair3149 · commit aedbceb3380b · 2025-07-03T12:58:02.000-04:00
The descriptions from TextExtracts, Description2, Wikibase, and ShortDescription can contain unsanitized user input. This fixes a stored XSS vulnerability. CVE-2025-53368
diff --git a/resources/skins.citizen.search/templates/TypeaheadListItem.mustache b/resources/skins.citizen.search/templates/TypeaheadListItem.mustache
@@ -15,7 +15,7 @@
 		<div class="citizen-typeahead-list-item-text">
 			{{#text}}{{.}}{{/text}}
 			{{#title}}<div class="citizen-typeahead-list-item-title">{{{.}}}</div>{{/title}}
-			{{#description}}<div class="citizen-typeahead-list-item-description">{{{.}}}</div>{{/description}}
+			{{#description}}<div class="citizen-typeahead-list-item-description">{{.}}</div>{{/description}}
 		</div>
 		{{#html-end}}<div class="citizen-typeahead-list-item-end">{{{.}}}</div>{{/html-end}}
 	</a>
