From 893a01f1bf0908c8a2639f0a1b9fb67bdf0e6f1b Mon Sep 17 00:00:00 2001
From: Ali-D-Akbar <aliakbarit019@gmail.com>
Date: Fri, 28 Aug 2020 18:43:54 +0500
Subject: [PATCH] PROD-1613

---
 lms/templates/ccx/coach_dashboard.html | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/lms/templates/ccx/coach_dashboard.html b/lms/templates/ccx/coach_dashboard.html
index 498a8d583a19..0fb54c584836 100644
--- a/lms/templates/ccx/coach_dashboard.html
+++ b/lms/templates/ccx/coach_dashboard.html
@@ -129,8 +129,9 @@ <h2 class="hd hd-2" id="header-ccx-dashboard">${_("CCX Coach Dashboard")}</h2>
           studentId = $('<input />', {
             type: 'hidden',
             name: 'student-id',
-            value: selectedStudent
+            value: edx.HtmlUtils.ensureHtml(selectedStudent)
           });
+          // xss-lint: disable=javascript-jquery-append
           form.append(action, studentId).submit();
         }
     });
@@ -153,7 +154,7 @@ <h2 class="hd hd-2" id="header-ccx-dashboard">${_("CCX Coach Dashboard")}</h2>
       $errorMessage.show();
       return false;
     } else if (hasCcxConnector) {
-      $errorMessage.html('${use_ccx_con_error_message | n, js_escaped_string}');
+      $errorMessage.text('${use_ccx_con_error_message | n, js_escaped_string}');
       $errorMessage.show();
       return false;
     }