Translations:DOM-based XSS/36/en

In those cases, you will need to ensure that the user-controlled data is properly escaped for the HTML context where it is being inserted.