Fix Stored XSS

[gtsp233]

Hi, I've discovered a stored Cross-Site Scripting (XSS) vulnerability in your GitHub repository: https://github.com/Aaditya1978/Bug-Blog

Vulnerability Details:
Version Affected: All versions
Severity: [High/Critical – Stored XSS can have a significant impact. Adjust based on your assessment]
Description: The vulnerability allows malicious attacks to inject scripts through a direct network request. Once embedded, any user viewing the story list or the specific story's details will execute the malicious script.
Steps to Reproduce:
Send a direct network request (bypassing the user interface) to /api/user/create with a payload content containing the malicious script: .
After the blog is successfully created, any user who views the blog list or the specific blog’s details will run the malicious script.
Suggested Fix or Mitigation:
Server-side: Within the /create controller, it's essential to sanitize the user's input (content) before processing it to ensure malicious scripts are neutralized.
Client-side: Prior to displaying the story's content using dangerouslySetInnerHtml, ensure that the content is sanitized using tools like DOMPurify to avert script execution.

[netlify]

✅ Deploy Preview for bugblog ready!

Name	Link
🔨 Latest commit	60b2465
🔍 Latest deploy log	https://app.netlify.com/sites/bugblog/deploys/653e1a130e70020008fe6ad5
😎 Deploy Preview	https://deploy-preview-1--bugblog.netlify.app/
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify site configuration.