MBS-10672: Fix AI chat HTML code output with XSS protection

Author: BarbuiaGmbH

classes/base_purpose.php

@@ -175,7 +175,14 @@ public function format_output(string $output): string {
         $output = str_replace('\\)', '\\\\)', $output);
         $output = str_replace('\\[', '\\\\[', $output);
         $output = str_replace('\\]', '\\\\]', $output);
-        return format_text($output, FORMAT_MARKDOWN, ['filter' => false]);
+
+        // Use Moodle's core markdown_to_html() function.
+        // It uses MarkdownExtra which already escapes HTML inside code blocks by default.
+        $html = markdown_to_html($output);
+
+        // Final security layer: remove any dangerous HTML elements outside code blocks.
+        // This prevents XSS from raw HTML that the LLM might return outside of code blocks.
+        return purify_html($html);
     }
 
     /**