I'm developing a Node.js API using Express.js, TypeScript, and MongoDB (Mongoose), and I'm concerned about security vulnerabilities such as XSS attacks. Specifically, I aim to ensure that user-provided input data containing HTML tags is sanitized before persisting it in my database. Currently, all HTML tags safely persist in the database.
What are the recommended approaches or best practices for implementing input sanitization within this tech stack to effectively mitigate XSS risks?
