Ensure arbitary JS and HTML is not rendered on EventViewPage

I'm not sure if this is a problem or not, but it just occurred to me when thinking of Markdown in another context: If the user enters HTML or JavaScript, does it get rendered by the Markdown renderer? We don't want the user to be able to inject JS into the page (huge security hole), and we probably want to restrict the kinds of HTML people can use.