Control Character Injection In Messages
Low
Rockstar Games
Team Summary
Official summary from Rockstar Games
This report involved the injection of control characters, such as Null Byte `0x00`, into vulnerable fields in the Message endpoints in order to cause unexpected, harmful behaviors. Our solution was to both block control characters from being saved on the backend when included in user input, as well as to suppress the output and rendering of previously-submitted control characters.
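The two-part fix described in the summary (reject on write, suppress on read) can be sketched as follows. This is an added example, not Rockstar Games' code; the function names, the choice to allow newline and tab, and the sample messages are assumptions made for illustration.

```python
import unicodedata

# Assumption: multi-line message bodies may keep newline and tab; every other
# Unicode "Cc" (control) code point, including NUL 0x00, is disallowed.
ALLOWED_CONTROLS = frozenset("\n\t")


def find_control_chars(text):
    """Return (index, code point) for each disallowed control character."""
    return [
        (i, ord(ch))
        for i, ch in enumerate(text)
        if unicodedata.category(ch) == "Cc" and ch not in ALLOWED_CONTROLS
    ]


def validate_for_storage(text):
    """Write path: reject input rather than silently altering it."""
    text = text.replace("\r\n", "\n")  # normalise browser line endings first
    bad = find_control_chars(text)
    if bad:
        i, cp = bad[0]
        raise ValueError(f"control character U+{cp:04X} at offset {i}")
    return text


def sanitize_for_output(stored):
    """Read path: drop control characters from rows saved before the check existed."""
    return "".join(
        ch for ch in stored
        if unicodedata.category(ch) != "Cc" or ch in ALLOWED_CONTROLS
    )


# Constructed sample messages (not taken from the report).
SAMPLES = ["hello\r\nworld", "hi\x00there", "bell\x07 and esc\x1b[2J", "caf\u00e9\tok"]

if __name__ == "__main__":
    for s in SAMPLES:
        try:
            print("stored  :", repr(validate_for_storage(s)))
        except ValueError as e:
            print("rejected:", repr(s), "->", e)
        print("rendered:", repr(sanitize_for_output(s)))
```

The read-path filter is still needed after the write-path check ships, because rows stored earlier are not covered by it.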
Reported by
exception
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Bounty
$350.00
Submitted
Weakness
Improper Authentication - Generic