fix: Sanitize 'sortby' variable in ZoneTemplate to prevent XSS

fix: Sanitize 'sortby' variable in ZoneTemplate to prevent XSS #219