diff --git a/lib/QueryRender.php b/lib/QueryRender.php
index 291ec40..685f3ba 100644
--- a/lib/QueryRender.php
+++ b/lib/QueryRender.php
@@ -497,7 +497,7 @@ class QueryRender extends PageRender {
$this->getAjaxRef($base),
$this->getAjaxRef($base),
($show == $this->getAjaxRef($base) ? '#F0F0F0' : '#E0E0E0'),
- $base);
+ htmlspecialchars($base));
}
echo '';
echo '';
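Review bot: The three `$this->getAjaxRef($base)` arguments in this printf are still passed through unescaped, while only the trailing `$base` is wrapped. The format string and getAjaxRef itself are outside the hunk, so confirm that its return value is safe in whatever attribute or script context it lands in. If it is, say so in a one-line comment above the call. Separately, both new calls (here and at the 'Base DN' printf in the second hunk) rely on htmlspecialchars defaults, which before PHP 8.1 leave single quotes unescaped and return an empty string for input with invalid byte sequences. Passing the flags explicitly, `htmlspecialchars($base, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`, makes the escaping independent of PHP version and ini settings.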
@@ -545,7 +545,7 @@ class QueryRender extends PageRender {
echo ' ]';
echo '
';
- printf('%s: %s',_('Base DN'),$base);
+ printf('%s: %s',_('Base DN'),htmlspecialchars($base));
echo '
';
printf('%s: %s',_('Filter performed'),htmlspecialchars($this->template->resultsdata[$base]['filter']));