diff --git a/pages/items.js.php b/pages/items.js.php
index 6ae72589f..6f8404cc6 100755
--- a/pages/items.js.php
+++ b/pages/items.js.php
@@ -2794,7 +2794,7 @@ function(teampassApplication) {
var data = {
'anyone_can_modify': $('#form-item-anyoneCanModify').is(':checked') ? 1 : 0,
'complexity_level': parseInt($('#form-item-password-complex').val()),
- 'description': $('#form-item-description').summernote('code') !== "
" ? DOMPurify.sanitize($('#form-item-description').summernote('code'), {USE_PROFILES: {html: true}}) : '',
+ 'description': $('#form-item-description').summernote('code') !== "
" ? DOMPurify.sanitize($('#form-item-description').summernote('code'), {USE_PROFILES: {html: true, svg: false, svgFilters: false}}) : '',
'diffusion_list': diffusion,
'diffusion_list_names': diffusionNames,
'folder': parseInt($('#form-item-folder').val()),
@@ -2802,7 +2802,7 @@ function(teampassApplication) {
'fields': fields,
'folder_is_personal': store.get('teampassItem').IsPersonalFolder === 1 ? 1 : 0,
'id': store.get('teampassItem').id,
- 'label': DOMPurify.sanitize($('#form-item-label').val()),
+ 'label': DOMPurify.sanitize($('#form-item-label').val(), {USE_PROFILES: {html:false, svg: false, svgFilters: false}}),
'login': DOMPurify.sanitize($('#form-item-login').val()),
'pw': $('#form-item-password').val(),
'restricted_to': restriction,