Updated to not convert quotes

I missed using ENT_NOQUOTES since XML only needs & and <> to be replaced in tags, spotted by @mkuron

data/web/mobileconfig.php

@@ -22,7 +22,7 @@ try {
   $stmt = $pdo->prepare("SELECT `name` FROM `mailbox` WHERE `username`= :username");
   $stmt->execute(array(':username' => $email));
   $MailboxData = $stmt->fetch(PDO::FETCH_ASSOC);
-  $displayname = htmlspecialchars(empty($MailboxData['name']) ? $email : $MailboxData['name']);
+  $displayname = htmlspecialchars(empty($MailboxData['name']) ? $email : $MailboxData['name'], ENT_NOQUOTES);
 }
 catch(PDOException $e) {
   $displayname = $email;