Securing PDF Uploads in MVC: Mitigating PDF Injection and Cross-site Scripting Vulnerabilities