From a91ad184b98b63d29374f71628acbc65e74a7f82 Mon Sep 17 00:00:00 2001
From: Axel Guckelsberger
Date: Sun, 19 Sep 2021 00:20:37 +0200
Subject: [PATCH] correct description sanitizing for text escape strategy
---
 Twig/TwigExtension.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Twig/TwigExtension.php b/Twig/TwigExtension.php
index 5c579b1a..0ad4d894 100644
--- a/Twig/TwigExtension.php
+++ b/Twig/TwigExtension.php
@@ -202,7 +202,7 @@ public function escapeDescription($entity)
 case 'raw':
 return $description;
 case 'text':
- return nl2br(htmlentities($description));
+ return nl2br(htmlspecialchars($description));
 case 'markdown':
 return $this->markdownExtra->transform($description);
 default:
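Review bot: The new `htmlspecialchars($description)` call in the `'text'` branch relies on PHP's default flags and charset, which vary by runtime: before PHP 8.1 the default is `ENT_COMPAT`, so single quotes are left unescaped, and a description containing invalid UTF-8 comes back as an empty string. Passing them explicitly makes the escaping independent of the PHP version: `return nl2br(htmlspecialchars($description, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'));`. The `'raw'` and `'markdown'` branches shown as context return the description without HTML escaping, so if descriptions can be written by untrusted users those strategies presumably need an HTML sanitizer on their output or a restriction on who can select them; how the strategy is chosen is not visible here. `escapeDescription()` starts and ends outside the hunk.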