Fix xss issues by santising the fields before presenting (#2391)

Issues reported by @b1nslashsh

app/views/assignments/_form.html.erb

@@ -18,7 +18,7 @@
   </div>
   <div id="description" class="field form-group">
     <h6><%= form.label :description %></h6>
-    <%= render :partial => 'editor/index', :locals => {:content => @assignment.description} %>
+    <%= render :partial => 'editor/index', :locals => {:content => (sanitize @assignment.description)} %>
   </div>
   <div id="deadline-field" class="field form-group projects-tag-form-group">
     <h6><label for="assignment_deadline">Deadline</label></h6> (<span id='remaining-time'><b>(something went wrong when loading script)</b></span>)

app/views/assignments/show.html.erb

@@ -32,7 +32,7 @@
           <% if @assignment.description %>
             <p><strong>Description: </strong></p>
             <div class="assignments-description">
-              <%= @assignment.description&.html_safe %>
+              <%= sanitize @assignment.description&.html_safe %>
             </div>
           <% end %>
           <% if @assignment.restricted_circuit_elements != "None" %>

app/views/projects/_form.html.erb

@@ -39,7 +39,7 @@
   </div>
   <div class="field form-group" id="description">
     <h6><%= form.label :description %></h6>
-    <%= render :partial => 'editor/index', :locals => {:content => @project.description} %>
+    <%= render :partial => 'editor/index', :locals => {:content => (sanitize @project.description)} %>
   </div>
   <div class="field form-group" onclick="beforeSubmit()">
     <%= form.submit class: 'btn primary-button' %> &nbsp;