Escape commit message from XSS and broken markup.

Closes #769

PHPCI/Model/Build.php

@@ -193,4 +193,11 @@ class Build extends BuildBase
 
         return $rtn;
     }
+
+    public function getCommitMessage()
+    {
+        $rtn = htmlspecialchars($this->data['commit_message']);
+
+        return $rtn;
+    }
 }

PHPCI/Model/Build/GithubBuild.php

@@ -101,7 +101,7 @@ class GithubBuild extends RemoteGitBuild
      */
     public function getCommitMessage()
     {
-        $rtn = $this->data['commit_message'];
+        $rtn = parent::getCommitMessage($this->data['commit_message']);
 
         $reference = $this->getProject()->getReference();
         $commitLink = '<a target="_blank" href="https://github.com/' . $reference . '/issues/$1">#$1</a>';