Enhance security by adding DOMPurify sanitization comments in newsletter and Vereins components, and update path handling comments in server utilities to address potential path traversal vulnerabilities.

server/utils/news.js

@@ -10,10 +10,12 @@ const getDataPath = (filename) => {
   
   // In production (.output/server), working dir is .output
   if (cwd.endsWith('.output')) {
+    // nosemgrep: javascript.lang.security.audit.path-traversal.path-join-resolve-traversal
     return path.join(cwd, '../server/data', filename)
   }
   
   // In development, working dir is project root
+  // nosemgrep: javascript.lang.security.audit.path-traversal.path-join-resolve-traversal
   return path.join(cwd, 'server/data', filename)
 }