MDL-70767 feedback: Prevent xss in feedback answer text.

mod/feedback/classes/complete_form.php

@@ -323,7 +323,7 @@ class mod_feedback_complete_form extends moodleform {
 
         // Set default value.
         if ($setdefaultvalue && ($tmpvalue = $this->get_item_value($item))) {
-            $this->_form->setDefault($element->getName(), htmlspecialchars_decode($tmpvalue, ENT_QUOTES));
+            $this->_form->setDefault($element->getName(), s($tmpvalue));
         }
 
         // Freeze if needed.

mod/feedback/classes/responses_table.php

@@ -196,7 +196,7 @@ class mod_feedback_responses_table extends table_sql {
             $itemobj = feedback_get_item_class($items[$matches[1]]->typ);
             $printval = $itemobj->get_printval($items[$matches[1]], (object) ['value' => $row->$column]);
             if ($this->is_downloading()) {
-                $printval = html_entity_decode($printval, ENT_QUOTES);
+                $printval = s($printval);
             }
             return trim($printval);
         }