ColdFusion: Normalizing And Escaping Form Values

One way of normalizing and escaping your form fields is to loop through the list of field names that the FORM scope exposes as FORM.FIELDNAMES. This example HTML-escapes every form field with htmlEditFormat() and trims each one as well.

In this example we assume that the form has been submitted for processing.

<!--- Escape and trim every submitted field in place --->
<cfloop list="#FORM.FIELDNAMES#" index="i">
  <cfset FORM[i] = trim(htmlEditFormat(FORM[i]))>
</cfloop>

You can obviously copy those sanitized values over to a new variable if you need to leave the original FORM scope untouched.
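The copy-to-a-new-variable variant mentioned above, as an added example that is not part of the original page. The struct name cleanForm and the sample field values are assumptions made for illustration; the FORM values are set by hand so the snippet runs without a real submission.

```cfml
<!--- Constructed sample input standing in for a submitted form. --->
<cfset FORM.FIELDNAMES = "FIRSTNAME,COMMENT">
<cfset FORM.FIRSTNAME = "  Ann  ">
<cfset FORM.COMMENT = "<b>Tom</b> & Jerry">

<!--- cleanForm is a hypothetical name for the sanitized copy. --->
<cfset cleanForm = structNew()>

<!--- FORM.FIELDNAMES only exists when a form was actually posted. --->
<cfif structKeyExists(FORM, "FIELDNAMES")>
  <cfloop list="#FORM.FIELDNAMES#" index="fieldName">
    <!--- Read from FORM, write to the copy; FORM itself is never modified. --->
    <cfif structKeyExists(FORM, fieldName) AND isSimpleValue(FORM[fieldName])>
      <cfset cleanForm[fieldName] = trim(htmlEditFormat(FORM[fieldName]))>
    </cfif>
  </cfloop>
</cfif>

<cfoutput>
  <!--- Escaped copy: markup in the input is rendered as text, not as HTML. --->
  <p>Name: #cleanForm.FIRSTNAME#</p>
  <p>Comment: #cleanForm.COMMENT#</p>
  <!--- The original value is still available, e.g. for length validation. --->
  <p>Raw length: #len(FORM.COMMENT)#, escaped length: #len(cleanForm.COMMENT)#</p>
</cfoutput>
```

Because the loop reads from FORM and writes to a separate struct, running it more than once in a request does not double-encode values (for example turning &amp; into &amp;amp;), which the in-place version would do.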


