Fix unescaped error messages (#5329)

In both cases the input, which wasn't escaped before, comes from a form
element that doesn't allow any user to change its content. An ordinary
user would need to access the DOM in order to do that.

Both forms are protected by CSRF, so this mitigates any potential
exploit as well.

(cherry picked from commit acfad5ae5290d349c0ca4fe10b329e56c23201a0)

application/views/scripts/config/module-configuration-error.phtml

@@ -6,7 +6,7 @@
 <?= $this->tabs->render($this); ?>
 <br/>
 <div>
-  <h1>Could not <?= $action; ?> module "<?= $moduleName; ?>"</h1>
+  <h1>Could not <?= $action; ?> module "<?= $this->escape($moduleName); ?>"</h1>
   <p>
     While operation the following error occurred:
     <br />

modules/monitoring/application/forms/Config/BackendConfigForm.php

@@ -227,7 +227,7 @@ class BackendConfigForm extends ConfigForm
                 'autosubmit'    => true
             )
         );
-        $resourceName = isset($formData['resource']) ? $formData['resource'] : $this->getValue('resource');
+        $resourceName = $this->getView()->escape($formData['resource'] ?? $this->getValue('resource'));
         $this->addElement(
             'note',
             'resource_note',