Use DOMPurify to sanitize and mitigate XSS attacks

[TheMythologist]

Description

An XSS vulnerability is present in the Markdown component, where unsanitized user input is directly passed into dangerouslySetInnerHTML. For more info, refer to here.

Note: The changes in UI test snapshots are merely the order of the a tag attributes - they are essentially the same.

Type of change

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• This change requires a documentation update
• Code quality improvements

How to test

An example would be entering the text <img src="" onerror={alert('xss')} /> in the "Module Help Text" of the Admin Panel page when creating a new course. After sanitization, the alert('xss') command should not be run.

Checklist

• I have tested this code

[coveralls]

Pull Request Test Coverage Report for Build 11007895846

Details

• 0 of 0 changed or added relevant lines in 0 files are covered.
• No unchanged relevant lines lost coverage.
• Overall coverage remained the same at 31.449%

---

Totals
Change from base Build 10982558647:	0.0%
Covered Lines:	4852
Relevant Lines:	14547

---

💛 - Coveralls

[sayomaki]

Hi, thanks for catching this and working on this! The changes looks good to me, and I think we can go ahead and have this merged once @RichDom2185 takes a look as well.

[RichDom2185]

LGTM, thanks and sorry for the delayed review!