Backport "Prevent HTML/XSS Injection in Scala Search" to LTS (#21005)

Backports #19980 to the LTS branch.

PR submitted by the release tooling.
[skip ci]

docs/_layouts/search.html

@@ -47,11 +47,11 @@ <h2 class="d-none d-md-block">Member Results</h2>
 
     // Set search term and title:
     var searchTerm = decodeURIComponent(parameters["searchTerm"]);
-    document.getElementById("searching-for").innerHTML = 'Search results for "' + searchTerm + '"';
+    document.getElementById("searching-for").innerText = 'Search results for "' + searchTerm + '"';
     document.title = searchTerm + ' - Search results';
 
     if (!window.Worker) {
-        document.getElementById("searching-for").innerHTML =
+        document.getElementById("searching-for").innerText =
             "Couldn't search for \"" + searchTerm + "\", " +
             "web workers not supported. Please update your browser.";
     }