Demo of a Vue.js app that mixes both clientside templates and serverside templates leading to an XSS vulnerability