[github.com/woodpecker-ci/woodpecker] Woodpecker allows cross-site scripting (XSS) via build logs

Woodpecker before 0.15.1 allows XSS via build logs because web/src/components/repo/build/BuildLog.vue lacks escaping.

References

• https://nvd.nist.gov/vuln/detail/CVE-2022-29947
• https://github.com/woodpecker-ci/woodpecker/pull/879
• https://github.com/woodpecker-ci/woodpecker/releases/tag/v0.15.1
• https://github.com/advisories/GHSA-vmp5-c5hp-6c65