XSS hole in edit comments / version history.

test case:
log in, edit a page, in the edit comment write:
<script>alert("A Hole!")</script>
save,
every time the history of that page is viewed, the alert is shown.

I think the only place which requires fixing is historyinline.vm