Escape query variable - CrystalCommerce Liquid Documentation for Designers
CC Designer Docs

Escape query variable

The query variable on /products/search is now HTML escaped. This prevents a cross-site scripting attack.