When generating the example code in the APIv4 Explorer, the user entered data was not properly sanitised before displaying as example code within the Explorer.
CiviCRM versions 5.35.0 and earlier
CiviCRM version 5.35.1 and ESR version 5.33.3
Upgrade to the latest version of CiviCRM
Coleman Watts of CiviCRM Core team for reporting and Fixing the issue.
Deutsche Gesellschaft für Internationale Zusammenarbeit (GIZ) GmbH for funding the fix
security/core!135