AuthorName is not html escaped when serving Ajax responses

If the author name of a commit contains characters like "<" or ">" the resulting ajax response is wrong.

Example when requesting:
http://bamboo.int/api/rest/getLatestBuildResults.action?auth=XXXXXXXXX&buildKey=GM-STG

The result is:

<response>
<projectName>Gamersmafia</projectName>
<buildName>Staging</buildName>
<buildKey>GM-STG</buildKey>
<buildState>Failed</buildState>
<buildNumber>13</buildNumber>
<failedTestCount>1</failedTestCount>

<successfulTestCount>804</successfulTestCount>
<buildTime>2009-03-22 19:01:39</buildTime>
<buildCompletedDate>2009-03-22T19:03:42+0100</buildCompletedDate>
<buildDurationInSeconds>123</buildDurationInSeconds>
<buildDurationDescription>2 minutes</buildDurationDescription>
<buildRelativeBuildDate>1 week ago</buildRelativeBuildDate>

<buildTestSummary>1 out of 805 failed</buildTestSummary>
<buildReason>Code has changed</buildReason>

<commits>
<commit author="slnc <s@slnc.me>" />
<commit author="slnc <s@slnc.me>" />
<commit author="slnc <s@slnc.me>" />
<commit author="slnc <s@slnc.me>" />
<commit author="slnc <s@slnc.me>" />
<commit author="slnc <s@slnc.me>" />
<commit author="slnc <s@slnc.me>" />
<commit author="slnc <s@slnc.me>" />
<commit author="slnc <s@slnc.me>" />
<commit author="slnc <s@slnc.me>" />
<commit author="slnc <s@slnc.me>" />
</commits>
</response>

But the commit lines should be:

<commit author="slnc <s@slnc.me>" />