only you claim it’s a general problem for every field, not just on the Calls module (which makes sense if the bug comes from include directory).
That release was for security fixes, and there were changes to the code that tries to keep people from inserting malicious HTML through data fields. But this seems to be needing improvement… can you please check that Issue and post your findings there? Thanks