Escaping template variable output

[ctgraham]

PR for version 1.3.0.0 to the plugin gallery raised concerns about this unescaped template variable:

inlineHtmlGalley/templates/blockReferences.tpl

Line 22 in 5af7a00

{$publication->getData('citationsRaw')|nl2br}

C.f. pkp/bootstrap3#246