Security: Remove on* attributes for input text fields

Fix advisory GHSA-gw58-89f7-4xgj

Author: AngelFQC

main/inc/lib/formvalidator/FormValidator.class.php

@@ -217,6 +217,8 @@ public function addText($name, $label, $required = true, $attributes = [], $crea
 
         $this->applyFilter($name, 'trim');
         $this->applyFilter($name, 'html_filter');
+        $this->applyFilter($name, 'attr_on_filter');
+
         if ($required) {
             $this->addRule($name, get_lang('ThisFieldIsRequired'), 'required');
         }