Fix code scanning alert - DOM text reinterpreted as HTML

[boomzero]

What does this PR aim to accomplish?:

Fix code scanning alert - DOM text reinterpreted as HTML

How does this PR accomplish the above?:

• XMOJ.user.js: Added an escapeHTML function to escape special HTML characters.
• XMOJ.user.js: Updated the main function to use the escapeHTML function when setting innerHTML to prevent XSS attacks.

---

By submitting this pull request, I confirm the following:

1. I have read and understood the contributor's guide, as well as this entire template. I understand which branch to base my commits and Pull Requests against.
2. I have commented on my proposed changes within the code and I have tested my changes.
3. I am willing to help maintain this change if there are issues with it later.
4. It is compatible with the GNU General Public License v3.0
5. I have squashed any insignificant commits. (git rebase)
6. I have checked that another pull request for this purpose does not exist.
7. I have considered and confirmed that this submission will be valuable to others.
8. I accept that this submission may not be used, and the pull request can be closed at the will of the maintainer.
9. I give this submission freely and claim no ownership to its content.

---

• I have read the above and my PR is ready for review. Check this box to confirm

[github-actions]

Qodana for JS

It seems all right 👌

No new problems were found according to the checks applied

💡 Qodana analysis was run in the pull request mode: only the changed files were checked
☁️ View the detailed Qodana report

Contact Qodana team

Contact us at qodana-support@jetbrains.com

• Or via our issue tracker: https://jb.gg/qodana-issue
• Or share your feedback: https://jb.gg/qodana-discussions