Your company's development team has identified that a web application hosted in a staging GKE environment dynamically includes user data in web pages without proper input validation. This flaw could enable an attacker to execute malicious scripts and display arbitrary content in a victim's browser if deployed to production.

How should you remediate and prevent this vulnerability?