From 5fa092e3053b86f16e4c49b9d3ba0b7ab63f09ab Mon Sep 17 00:00:00 2001
From: Hsiaoming Yang <me@lepture.com>
Date: Sun, 3 May 2026 22:54:05 +0900
Subject: [PATCH] fix: escape xml for math plugin

---
 src/mistune/plugins/math.py | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/mistune/plugins/math.py b/src/mistune/plugins/math.py
index 65bbe10..bfd1910 100644
--- a/src/mistune/plugins/math.py
+++ b/src/mistune/plugins/math.py
@@ -1,4 +1,5 @@
 from typing import TYPE_CHECKING, Match
+from ..util import escape as escape_text
 
 if TYPE_CHECKING:
     from ..block_parser import BlockParser
@@ -25,11 +26,11 @@ def parse_inline_math(inline: "InlineParser", m: Match[str], state: "InlineState
 
 
 def render_block_math(renderer: "BaseRenderer", text: str) -> str:
-    return '<div class="math">$$\n' + text + "\n$$</div>\n"
+    return '<div class="math">$$\n' + escape_text(text) + "\n$$</div>\n"
 
 
 def render_inline_math(renderer: "BaseRenderer", text: str) -> str:
-    return r'<span class="math">\(' + text + r"\)</span>"
+    return r'<span class="math">\(' + escape_text(text) + r"\)</span>"
 
 
 def math(md: "Markdown") -> None: