-
Bug
-
Resolution: Fixed
-
Trivial
-
None
If you use a markup formatter, the formatted markup's HTML is escaped so < becomes < which means that you see the HTML rather than having the HTML applied!
The markup formatters are supposed to worry about the XSS, so let the markup formatters take care of the issue and expose their output unescaped.