</script> isn't escaped in network graph

Created by: davispuh

in Project Network Graph, commit messages are in javascript but there's interesting special case for escaping </script> for example if I've such commit message: fixed missing </script> it will break graph totally

it's because text inside <script> (in HTML) are parsed in specific way and </script> is ending script block and making all next parsed as HTML

(look at "message":"fixed missing </script>")

<script>
  //<![CDATA[
   var chunk1={commits:[{"parents":[["756400df57485ee8df5418628adb404b236fb000",0,0]],"author":"D\u0101vis","time":8,"space":1,"refs":"master","id":"e4dbf8bfc539d46ff33b24f6241cc805608705a6","date":"2012-09-19T16:07:58+00:00","message":"fixed missing </script>","login":"davispuh@local"}]};
    var days=[[19,"Sep"]];
    initGraph();
    $(function(){
      branchGraph($("#holder")[0]);
      initGraphNav();
    });
  //]]>
</script>

interesting is that if page would be served as XHTML (XHTML5) this would perfectly work because CDATA wouldn't be parsed at all..

this can be fixed if we escape </script> with <\/script> or even / with \/