CVE-2018-16362 - XSS in Manage Repository and Changesets List pages

@atrol reported an XSS vulnerability in *repo_manage_page.php* and *list.php*

Steps to reproduce:
1. Create a new repository, set all text fields to `<script>alert('XSS');</script>`
2. Save changes, the _Manage Repository_ page executes the code (or reports CSP violations)
3. Click on _Browse_ to navigate to _Changesets_ page for more code execution.

CVE request pending.