fix: Properly escape HTML for error message from CLI SSO

[jannfis]

Signed-off-by: jannfis jann@mistrust.net

Fixes https://github.com/argoproj/argo-cd/security/code-scanning/46

While I believe this is not a serious issue in the real world, and at least would require a rogue SSO backend for successful exploitation, it should be fixed.

Note on DCO:

If the DCO action in the integration test fails, one or more of your commits are not signed off. Please click on the Details link next to the DCO action for instructions on how to resolve this.

Checklist:

• Either (a) I've created an enhancement proposal and discussed it with the community, (b) this is a bug fix, or (c) this does not need to be in the release notes.
• The title of the PR states what changed and the related issues number (used for the release note).
• I've included "Closes [ISSUE #]" or "Fixes [ISSUE #]" in the description to automatically close the associated issue.
• I've updated both the CLI and UI to expose my feature, or I plan to submit a second PR with them.
• Does this PR require documentation updates?
• I've updated documentation as required by this PR.
• Optional. My organization is added to USERS.md.
• I have signed off all my commits as required by DCO
• I have written unit and/or e2e tests for my change. PRs without these are unlikely to be merged.
• My build is green (troubleshooting builds).

[codecov-io]

Codecov Report

Merging #5563 (0ee4e75) into master (6e6cd1a) will not change coverage.
The diff coverage is 0.00%.

@@           Coverage Diff           @@
##           master    #5563   +/-   ##
=======================================
  Coverage   40.86%   40.86%           
=======================================
  Files         144      144           
  Lines       19205    19205           
=======================================
  Hits         7849     7849           
  Misses      10260    10260           
  Partials     1096     1096           

Impacted Files	Coverage Δ
cmd/argocd/commands/login.go	2.42% <0.00%> (ø)

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 6e6cd1a...0ee4e75. Read the comment docs.

[alexmt]

LGTM. Thank you!

[jannfis]

@alexmt FYI, I have cherry-picked this into 1.7 and 1.8 branch.