Our GET endpoints that are expecting a UUID do not do any verification on the inputted string until it gets to the DB layer. This could potentially cause a security issue if someone inputs a value with the purpose of doing an SQL injection.
I believe this vulnerability is better protected in the Prisma backend, so it will be resolved with updating the backend, but in the meantime we should add extra protection on the controller level. For example, we should verify the input is in fact a UUID before sending it to the service.
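One way to implement the controller-level check proposed above, as an added example that is not this project's own code: a strict UUID guard that rejects anything outside the canonical 36-character form before the service is called. The names `parseUuidParam` and `getByIdController`, the response shape, and the accepted version range (1 to 8) are assumptions.

```typescript
// Added example: all names and the response shape are hypothetical.
type GuardResult =
  | { ok: true; id: string }
  | { ok: false; status: 400; error: string };

// Canonical 8-4-4-4-12 text form. Assumption: version nibble 1-8 and the
// 8/9/a/b variant are accepted. Anchored at both ends so nothing can be
// appended to an otherwise valid UUID.
const UUID_RE =
  /^[0-9a-f]{8}-[0-9a-f]{4}-[1-8][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$/i;

const reject = (error: string): GuardResult => ({ ok: false, status: 400, error });

function parseUuidParam(raw: unknown): GuardResult {
  // Query/route parsers may hand back arrays or objects for repeated keys.
  if (typeof raw !== "string") return reject("id must be a string");
  // Cheap length gate before the regex; also rejects padded or suffixed input.
  if (raw.length !== 36) return reject("id must be a 36-character UUID");
  if (!UUID_RE.test(raw)) return reject("id is not a valid UUID");
  // Normalise case so the lower layers always see one representation.
  return { ok: true, id: raw.toLowerCase() };
}

// Hypothetical controller: the service (and therefore the DB layer) is only
// reached with a value that has already been proven to be a UUID.
function getByIdController(
  params: { id?: unknown },
  service: (id: string) => unknown
): { status: number; body: unknown } {
  const parsed = parseUuidParam(params.id);
  if (parsed.ok === false) {
    return { status: parsed.status, body: { error: parsed.error } };
  }
  return { status: 200, body: service(parsed.id) };
}
```

This check narrows what reaches the service; it complements parameterised queries in the data layer and does not replace them.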