using System;

using System.Xml;

using System.Xml.Xsl;

using System.IO;

​

public class Program

{

    public static void Main()

    {

        var transform = new XslCompiledTransform();

        var xml = @"<Contact><Name>hello &lt;script&gt;alert('!')&lt;/script&gt;</Name></Contact>";

        var xslt = @"<xsl:stylesheet version=""1.0"" xmlns:xsl=""http://www.w3.org/1999/XSL/Transform"">

<xsl:output method=""xml"" indent=""yes"" doctype-system=""html"" />

<xsl:template match=""/"">

    <span data-title=""{{ 'title': '{/Contact/Name}' }}"">

        Name: <xsl:value-of select=""/Contact/Name""/>

        Input: <input type=""text"" value=""{/Contact/Name}""/>

    </span>

</xsl:template></xsl:stylesheet>

";

​

        transform.Load(XmlReader.Create(new StringReader(xslt)));

        var settings = transform.OutputSettings.Clone();

        using (var output = new MemoryStream())

        using (var writer = XmlWriter.Create(output, settings))

        {

            var args = new System.Xml.Xsl.XsltArgumentList();

            transform.Transform(XmlReader.Create(new StringReader(xml)), args, writer);

            writer.Flush();

            output.Position = 0;

            Console.Write(new StreamReader(output).ReadToEnd());

        }

    }

}