diff --git a/includes/html/pages/notifications.inc.php b/includes/html/pages/notifications.inc.php
index 0a172be326ec..13ea55b52ca0 100644
--- a/includes/html/pages/notifications.inc.php
+++ b/includes/html/pages/notifications.inc.php
@@ -84,7 +84,7 @@
$class = $notif['severity'] == 2 ? 'text-danger' : 'text-warning';
echo "
";
- echo " ${notif['title']}";
+ echo " " . htmlentities($notif['title']) . '';
echo "";
if ($notif['user_id'] != Auth::id()) {
@@ -125,7 +125,7 @@
} elseif ($notif['severity'] == 2) {
$class = 'text-danger';
}
- echo "${notif['title']}";
+ echo "" . htmlentities($notif['title']) . "";
if (Auth::user()->hasGlobalAdmin()) {
echo '';
@@ -168,7 +168,7 @@
} elseif ($notif['severity'] == 2) {
echo ' class="text-danger"';
}
- echo " id='${notif['notifications_id']}'>${notif['title']}";
+ echo " id='${notif['notifications_id']}'>" . htmlentities($notif['title']);
if (Auth::user()->isAdmin()) {
echo '';