feat(TournamentTab): add HTML escaping utility and improve player name rendering

- Introduced `escapeHtml` method to sanitize HTML content, enhancing security against XSS attacks.
- Refactored player name rendering in tournament results to utilize the new HTML escaping method, ensuring safe display of player names and table data.

frontend/src/views/TournamentTab.vue

@@ -1999,6 +1999,14 @@ export default {
                 name2: this.getPlayerName(match.player2)
             };
         },
+        escapeHtml(value) {
+            return String(value ?? '')
+                .replace(/&/g, '&')
+                .replace(/</g, '&lt;')
+                .replace(/>/g, '&gt;')
+                .replace(/"/g, '&quot;')
+                .replace(/'/g, '&#039;');
+        },
 
         async loadTournaments() {
             try {
@@ -2507,9 +2515,8 @@ export default {
 
                 // 8. Dialog mit Ergebnis anzeigen
                 const rows = assignments.map(({ match, table }) => {
-                    const name1 = this.getPlayerName(match.player1);
-                    const name2 = this.getPlayerName(match.player2);
-                    return `<tr><td style="font-weight:bold; padding:0.35rem 0.75rem;">${table}</td><td style="padding:0.35rem 0.75rem;">${name1}</td><td style="padding:0.35rem 0.75rem;">${name2}</td></tr>`;
+                    const { name1, name2 } = this.getMatchPlayerNames(match);
+                    return `<tr><td style="font-weight:bold; padding:0.35rem 0.75rem;">${this.escapeHtml(table)}</td><td style="padding:0.35rem 0.75rem;">${this.escapeHtml(name1)}</td><td style="padding:0.35rem 0.75rem;">${this.escapeHtml(name2)}</td></tr>`;
                 });
                 const html = `<table style="margin:0.75rem auto; border-collapse:collapse; color:#000;"><thead><tr><th style="padding:0.35rem 0.75rem; border-bottom:2px solid #ccc; text-align:left;">${this.$t('tournaments.table')}</th><th style="padding:0.35rem 0.75rem; border-bottom:2px solid #ccc; text-align:left;">${this.$t('tournaments.playerOne')}</th><th style="padding:0.35rem 0.75rem; border-bottom:2px solid #ccc; text-align:left;">${this.$t('tournaments.playerTwo')}</th></tr></thead><tbody>${rows.join('')}</tbody></table>`;