diff --git a/interface/web/dashboard/ajax_get_json.php b/interface/web/dashboard/ajax_get_json.php
index 30a668a77f01436b2b818a5e2374444c7c24b115..32fc8912e05ee6c2b91f62783efc667e969c2e49 100644
--- a/interface/web/dashboard/ajax_get_json.php
+++ b/interface/web/dashboard/ajax_get_json.php
@@ -189,6 +189,7 @@ function _search($module, $section, $additional_sql = '', $params = ''){
 
 		$sql = "SELECT * FROM ?? WHERE ".$where_clause.$authsql.$order_clause." LIMIT 0,10";
 		$results = $app->db->queryAllRecords($sql, $db_table);
+		$results = $app->functions->htmlentities($results);
 
 		if(is_array($results) && !empty($results)){
 			$lng_file = '../'.$module.'/lib/lang/'.$_SESSION['s']['language'].'_'.$section.'.lng';