fix(accounts): sanitize activity entry names for highlighting

* Updated the `highlight_activity_entry_name` method to escape HTML in activity entry names before highlighting. This change prevents potential XSS vulnerabilities and ensures safe rendering of user-generated content.

app/helpers/accounts_helper.rb

@@ -15,6 +15,7 @@ module AccountsHelper
     search = query.to_s.strip
     return name if search.blank?
 
-    highlight(name, search, highlighter: ACTIVITY_HIGHLIGHT_MARKUP)
+    escaped_name = ERB::Util.html_escape(name.to_s)
+    highlight(escaped_name, search, highlighter: ACTIVITY_HIGHLIGHT_MARKUP, sanitize: false)
   end
 end