fix(users): Profile image path is invalid after escaping

Removes the validator.escape on the profileImageUrl field in core server
controller.

The escaping was causing the profileImageUrl field to be an invalid path
for the image. We don't need to worry about xss vulnerabilities on this
field because no user input is provided; the name & path are generated
by the application logic.

Fixes #1127

Author: mleanos

modules/core/server/controllers/core.server.controller.js

@@ -15,7 +15,7 @@ exports.renderIndex = function (req, res) {
       username: validator.escape(req.user.username),
       created: req.user.created.toString(),
       roles: req.user.roles,
-      profileImageURL: validator.escape(req.user.profileImageURL),
+      profileImageURL: req.user.profileImageURL,
       email: validator.escape(req.user.email),
       lastName: validator.escape(req.user.lastName),
       firstName: validator.escape(req.user.firstName)