This is a vulnerable page that allows XSS.
Original Vulnerable Input: {{ user_input }}
Properly Sanitized Input:
{{ user_input|safe|replace('\n', '
') }}
Example: Enter Hello World! <script>alert('Cross-Side Scripting!');</script> into the text box
to show an XSS vulnerability as well as a sanitized input.