From a4437cb786a4e84b8b288c70b0d42ef6af9ffa82 Mon Sep 17 00:00:00 2001
From: Ali-D-Akbar <aliakbarit019@gmail.com>
Date: Fri, 16 Apr 2021 14:10:21 +0500
Subject: [PATCH] refactor: fix xss PROD-2301

---
 cms/static/js/views/active_video_upload.js | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/cms/static/js/views/active_video_upload.js b/cms/static/js/views/active_video_upload.js
index 8579bec475..aad2b3f00b 100644
--- a/cms/static/js/views/active_video_upload.js
+++ b/cms/static/js/views/active_video_upload.js
@@ -1,6 +1,7 @@
 define(
-    ['underscore', 'js/models/active_video_upload', 'js/views/baseview', 'common/js/components/views/feedback_prompt'],
-    function(_, ActiveVideoUpload, BaseView, PromptView) {
+    ['underscore', 'js/models/active_video_upload', 'js/views/baseview', 'common/js/components/views/feedback_prompt',
+        'edx-ui-toolkit/js/utils/html-utils'],
+    function(_, ActiveVideoUpload, BaseView, PromptView, HtmlUtils) {
         'use strict';
 
         var STATUS_CLASSES = [
@@ -25,7 +26,7 @@ define(
             render: function() {
                 var $el = this.$el,
                     status;
-                $el.html(this.template(this.model.attributes));
+                $el.html(HtmlUtils.HTML(this.template(this.model.attributes)).toString());
                 status = this.model.get('status');
                 _.each(
                     STATUS_CLASSES,