fix for xss issue

src/main/template/param.handlebars

@@ -1,18 +1,18 @@
-<td class='code'><label for='{{valueId}}'>{{name}}</label></td>
+<td class='code'><label for='{{{escape valueId}}}'>{{{escape name}}}</label></td>
 <td>
 
 	{{#if isBody}}
 		{{#if isFile}}
-			<input type="file" name='{{name}}' id='{{valueId}}'/>
+			<input type="file" name='{{{escape name}}}' id='{{{escape valueId}}}'/>
 			<div class="parameter-content-type" />
 		{{else}}
 			{{#if default}}
 				<div class="editor_holder"></div>
-				<textarea class='body-textarea' name='{{name}}' id='{{valueId}}'>{{default}}</textarea>
+				<textarea class='body-textarea' name='{{{escape name}}}' id='{{{escape valueId}}}'>{{{escape default}}}</textarea>
         <br />
         <div class="parameter-content-type" />
 			{{else}}
-				<textarea class='body-textarea' name='{{name}}' id='{{valueId}}'></textarea>
+				<textarea class='body-textarea' name='{{{escape name}}}' id='{{{escape valueId}}}'></textarea>
 				<div class="editor_holder"></div>
 				<br />
 				<div class="parameter-content-type" />
@@ -20,7 +20,7 @@
 		{{/if}}
 	{{else}}
 		{{#if isFile}}
-			<input type="file" name='{{name}}' id='{{valueId}}'/>
+			<input type="file" name='{{{escape name}}}' id='{{{escape valueId}}}'/>
 			<div class="parameter-content-type" />
 		{{else}}
 			{{#renderTextParam this}}
@@ -29,8 +29,8 @@
 	{{/if}}
 
 </td>
-<td class="markdown">{{{description}}}</td>
-<td>{{{paramType}}}</td>
+<td class="markdown">{{{sanitize description}}}</td>
+<td>{{{escape paramType}}}</td>
 <td>
 	<span class="model-signature"></span>
 </td>