Fix the wrongly declared XSS risk in local/o365/db/access.php#L39 #2898
Description
There is a declared xss risk here:
https://github.com/microsoft/o365-moodle/blob/master/local/o365/db/access.php#L39-L40
This capability is typically given to students and raises red flags in a few places. This is a read only capability so should not have a real XSS risk, so either is does have that risk which should be fixed, or more probably it's just a copy paste error and there is no real risk.