Exam report html sanitization
Right now we're rendering the report as is, which may inject html into the report. While according to the current security model it's not a vulnerability, we should eventually sanitize the user input for the feedback.
Right now we're rendering the report as is, which may inject html into the report. While according to the current security model it's not a vulnerability, we should eventually sanitize the user input for the feedback.