addressed comments, updated xkcd ref and changed formatting

Signed-off-by: Helge Wehder <[email protected]>

docs/Secure-Coding-Guide-for-Python/CWE-707/CWE-89/README.md

@@ -154,10 +154,13 @@ Test results:
 
 The `compliant01.py` code example is using `sqlite3.cursor.execute(get_values, data_tuple)` that:
 
-* Separates the query from the values to reduce injection attacks.<br>
-`data_tuple = (name,)`<br>
-`get_values = "SELECT * FROM Students WHERE student = ?"`<br>
-`self.cursor.execute(get_values, data_tuple)`<br>
+* Separates the query from the values to reduce injection attacks.
+
+```python
+data_tuple = (name,)`<br>
+get_values = "SELECT * FROM Students WHERE student = ?"
+self.cursor.execute(get_values, data_tuple)
+```
 
 * Is limited to a single-line query to protect against multi-line attacks.
 
@@ -285,7 +288,7 @@ DEBUG:root:Adding student Malorny
 
 |||
 |:---|:---|
-|[XKCD 2007]|327 Exploits of a Mom, Available [online] from: [https://www.explainxkcd.com/wiki/index.php/327:_Exploits_of_a_Momhtml#article](https://www.explainxkcd.com/wiki/index.php/327:_Exploits_of_a_Mom), [Accessed 2024] |
+|[XKCD 2007]|327 Exploits of a Mom, Available [online] from: [https://xkcd.com/327/](https://xkcd.com/327/), [Accessed 2024] |
 |[Jeff Forristal 1998]|Phrack magazine. Batch commands in ODBC and MS SQL server 6.5, Available [online]  from: [http://phrack.org/issues/54/8.html#article](http://phrack.org/issues/54/8.html#article ) [accessed 11 November 2024] |
 |[Oracle 2024]|Oracle MySQL Documentation. MySQL Shell commands, Available [online] from: [https://dev.mysql.com/doc/mysql-shell/8.0/en/mysql-shell-commands.html](https://dev.mysql.com/doc/mysql-shell/8.0/en/mysql-shell-commands.html]), [Accessed Nov 2024]|
 |[OWASP 2005]|A Guide to Building Secure Web Applications and Web Services, Available from [http://sourceforge.net/projects/owasp/files/Guide/2.0.1/OWASPGuide2.0.1.pdf/download](http://sourceforge.net/projects/owasp/files/Guide/2.0.1/OWASPGuide2.0.1.pdf/download), [Accessed Nov 2024]|