diff --git a/DNN Platform/Library/Security/PortalSecurity.cs b/DNN Platform/Library/Security/PortalSecurity.cs
index 458b7aea50d..70275fcff62 100644
--- a/DNN Platform/Library/Security/PortalSecurity.cs
+++ b/DNN Platform/Library/Security/PortalSecurity.cs
@@ -62,26 +62,26 @@ public class PortalSecurity
new Regex("]*>.*?<]*>", RxOptions),
new Regex("
<]*>", RxOptions),
- new Regex("onerror", RxOptions),
- new Regex("onload", RxOptions),
- new Regex("onfocus", RxOptions),
- new Regex("onblur", RxOptions),
- new Regex("onclick", RxOptions),
- new Regex("ondblclick", RxOptions),
- new Regex("onchange", RxOptions),
- new Regex("onselect", RxOptions),
- new Regex("onsubmit", RxOptions),
- new Regex("onreset", RxOptions),
- new Regex("onkeydown", RxOptions),
- new Regex("onkeyup", RxOptions),
- new Regex("onkeypress", RxOptions),
- new Regex("onmousedown", RxOptions),
- new Regex("onmousemove", RxOptions),
- new Regex("onmouseout", RxOptions),
- new Regex("onmouseover", RxOptions),
- new Regex("onmouseup", RxOptions),
- new Regex("onreadystatechange", RxOptions),
- new Regex("onfinish", RxOptions),
+ new Regex("\bonerror\b", RxOptions),
+ new Regex("\bonload\b", RxOptions),
+ new Regex("\bonfocus\b", RxOptions),
+ new Regex("\bonblur\b", RxOptions),
+ new Regex("\bonclick\b", RxOptions),
+ new Regex("\bondblclick\b", RxOptions),
+ new Regex("\bonchange\b", RxOptions),
+ new Regex("\bonselect\b", RxOptions),
+ new Regex("\bonsubmit\b", RxOptions),
+ new Regex("\bonreset\b", RxOptions),
+ new Regex("\bonkeydown\b", RxOptions),
+ new Regex("\bonkeyup\b", RxOptions),
+ new Regex("\bonkeypress\b", RxOptions),
+ new Regex("\bonmousedown\b", RxOptions),
+ new Regex("\bonmousemove\b", RxOptions),
+ new Regex("\bonmouseout\b", RxOptions),
+ new Regex("\bonmouseover\b", RxOptions),
+ new Regex("\bonmouseup\b", RxOptions),
+ new Regex("\bonreadystatechange\b", RxOptions),
+ new Regex("\bonfinish\b", RxOptions),
new Regex("javascript:", RxOptions),
new Regex("vbscript:", RxOptions),
new Regex("unescape", RxOptions),
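Review bot: The twenty added patterns are regular (non-verbatim) string literals, so as shown C# compiles `\b` to the backspace character (U+0008) rather than passing a word-boundary anchor to the regex engine. `"\bonerror\b"` would then match only `onerror` wrapped in literal backspaces, and the filter would silently stop matching ordinary event-handler attributes. The nearby context lines look damaged by page extraction, so confirm against the real file; if the literals are as printed, use verbatim strings, e.g. `new Regex(@"\bonerror\b", RxOptions),`, or double the backslash (`"\\bonerror\\b"`). A unit test asserting that input containing ` onerror=` is changed by the filter would catch this regression. The array initializer begins and ends outside the hunk.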
@@ -874,7 +874,7 @@ public static bool IsDenied(string roles)
PortalSettings settings = PortalController.Instance.GetCurrentPortalSettings();
return IsDenied(objUserInfo, settings, roles);
}
-
+
public static bool IsDenied(UserInfo objUserInfo, PortalSettings settings, string roles)
{
//super user always has full access