favorites- Stored XSS defect in web,

favorites-web has a stored-type XSS flaw that allows you to register user nicknames for XSSpayload, such as <script>alert('hello, SB! '); </script>, register a new user with the payload, and then comment,
![image](https://user-images.githubusercontent.com/110451039/209119967-4087c610-c582-473e-ba8a-45ed215c3c00.png)
