BUEditor forms do not escape HTML entities

If link title, path etc contains entities such as ampersand, less than sign ("<") and quotes BUEditor default buttons should escape them to entities like &, < etc. At least provide support for characters & < > ' " because they often appear in user entry or filenames. Reverse escape should also be used when editing already existing tags and attributes.