Paste is vulnerable to XSS

[SuperFola]

see https://paste.12f.pl/ckCJatzmaEmb

I just wrote <script>alert("ok")</script>

[mkaczanowski]

Yeah, that needs to be addressed soon (PR's are most welcome)

[erkiesken]

Just made a PR. I hope the javascript plugin output loop was the only place needing special raw output. If you know other template sections that need this, then let me know.

[erkiesken]

@mkaczanowski any chance you can review, merge and release this fix?