Fix HTML injection exploit (#682)

Escape html special characters from the $fields array to prevent html injection in the generated pdfs.

app/Traits/GeneratesPdfTrait.php

@@ -157,6 +157,10 @@ trait GeneratesPdfTrait
         foreach ($customerCustomFields as $customField) {
             $fields['{'.$customField->customField->slug.'}'] = $customField->defaultAnswer;
         }
+        
+        foreach ($fields as $key => $field) {
+            $fields[$key] = htmlspecialchars($field, ENT_QUOTES, 'UTF-8');
+        }
 
         return $fields;
     }