diff --git a/app/Http/Controllers/Table/AlertScheduleController.php b/app/Http/Controllers/Table/AlertScheduleController.php
index 0285ce24d8d3..d636de714ca7 100644
--- a/app/Http/Controllers/Table/AlertScheduleController.php
+++ b/app/Http/Controllers/Table/AlertScheduleController.php
@@ -65,8 +65,8 @@ protected function sortFields($request)
     public function formatItem($schedule)
     {
         return [
-            'title' => $schedule->title,
-            'notes' => $schedule->notes,
+            'title' => htmlentities($schedule->title),
+            'notes' => htmlentities($schedule->notes),
             'id' => $schedule->schedule_id,
             'start' => $schedule->recurring ? '' : $schedule->start->toDateTimeString('minutes'),
             'end' => $schedule->recurring ? '' : $schedule->end->toDateTimeString('minutes'),
@@ -75,7 +75,7 @@ public function formatItem($schedule)
             'end_recurring_dt' => $schedule->recurring ? $schedule->end_recurring_dt : '',
             'end_recurring_hr' => $schedule->recurring ? $schedule->end_recurring_hr : '',
             'recurring' => $schedule->recurring ? __('Yes') : __('No'),
-            'recurring_day' => $schedule->recurring ? implode(',', $schedule->recurring_day) : '',
+            'recurring_day' => $schedule->recurring ? htmlentities(implode(',', $schedule->recurring_day)) : '',
             'status' => $schedule->status,
         ];
     }