- Type: Bug
- Resolution: Fixed
- Priority: High
- Affects Version/s: 4.3.1
- Component/s: None
- 6.5
The parent title of a Confluence page is not HTML-encoded when displayed in removepage.action; this results in a persistent XSS vector.
Steps to reproduce:
1. Add a page with a title of "" <script>alert(3);</script>
2. From the Add menu select "Add page" (so it is a child of the first page)
3. Save the new page (child)
4. On the child page, from the tools menu select "remove"
5. See an alert dialogue with the number 3 in it.
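The defect class reported above, as an added example that is not part of the original report and is not Confluence's code: a stored parent title interpolated raw into a confirmation view, next to the output-encoded form, with a regression check that parses the rendered HTML and lists any element the template did not define. The template and all function names are assumptions made for illustration.

```python
import html
from html.parser import HTMLParser

# Constructed stand-in for the remove-page confirmation view (assumption,
# not the real removepage.action template).
TEMPLATE = "<h1>Remove page</h1><p>Parent page: {parent}</p><p>Page: {title}</p>"


def render_unencoded(parent_title, title):
    """Mirrors the reported defect: only the parent title is written raw."""
    return TEMPLATE.format(parent=parent_title, title=html.escape(title))


def render_encoded(parent_title, title):
    """Hardened form: every stored value is HTML-encoded at output time."""
    return TEMPLATE.format(parent=html.escape(parent_title, quote=True),
                           title=html.escape(title, quote=True))


class _Collector(HTMLParser):
    """Records the elements and text an HTML parser sees in the output."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.tags, self.text = [], []

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)

    def handle_data(self, data):
        self.text.append(data)


def _parse(rendered):
    collector = _Collector()
    collector.feed(rendered)
    collector.close()
    return collector


def injected_tags(rendered, allowed=("h1", "p")):
    """Elements present in the output that the template itself never emits."""
    return [t for t in _parse(rendered).tags if t not in allowed]


def visible_text(rendered):
    """Text as displayed to the user, with character references decoded."""
    return "".join(_parse(rendered).text)
```

A check like `injected_tags` can run in a view-level test for every place a page title is displayed, since the report shows one view missing the encoding that other views apply.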