Fix: XSS vulnerability in some module titles

app/Module/HtmlBlockModule.php

@@ -108,7 +108,7 @@ public function getBlock(Tree $tree, int $block_id, string $context, array $conf
                 'block'      => Str::kebab($this->name()),
                 'id'         => $block_id,
                 'config_url' => $this->configUrl($tree, $context, $block_id),
-                'title'      => $title,
+                'title'      => e($title),
                 'content'    => $content,
             ]);
         }

app/Module/UserWelcomeModule.php

@@ -117,7 +117,7 @@ public function getBlock(Tree $tree, int $block_id, string $context, array $conf
         ];
         $content = view('modules/user_welcome/welcome', ['links' => $links]);
 
-        $real_name = '<bdi>' . e(Auth::user()->realName()) . '</bdi>';
+        $real_name = "\u{2068}" . e(Auth::user()->realName()) . "\u{2069}";
 
         /* I18N: A %s is the user’s name */
         $title = I18N::translate('Welcome %s', $real_name);
@@ -127,7 +127,7 @@ public function getBlock(Tree $tree, int $block_id, string $context, array $conf
                 'block'      => Str::kebab($this->name()),
                 'id'         => $block_id,
                 'config_url' => '',
-                'title'      => $title,
+                'title'      => e($title),
                 'content'    => $content,
             ]);
         }

app/Module/WelcomeBlockModule.php

@@ -123,7 +123,7 @@ public function getBlock(Tree $tree, int $block_id, string $context, array $conf
                 'block'      => Str::kebab($this->name()),
                 'id'         => $block_id,
                 'config_url' => '',
-                'title'      => $individual->tree()->title(),
+                'title'      => e($individual->tree()->title()),
                 'content'    => $content,
             ]);
         }