diff --git a/src/app/history/controllers/HistoryController.php b/src/app/history/controllers/HistoryController.php
index 4d3511adc70a661005d15f6491523df892484b21..45cc64f4c4cc9fc5684770daacb14a20f900e1fb 100644
--- a/src/app/history/controllers/HistoryController.php
+++ b/src/app/history/controllers/HistoryController.php
@@ -638,7 +638,7 @@ class HistoryController
             if (is_array($value)) {
                 HistoryController::arrayToXml(['data' => $value, 'xml' => $args['xml']->addChild(str_replace([' ','(',')'], '', $node))]);
             } else {
-                $args['xml']->addChild(str_replace([' ','(',')'], '', $node), $value);
+                $args['xml']->addChild(str_replace([' ','(',')'], '', $node), htmlspecialchars($value));
             }
         }