diff --git a/lam/templates/3rdParty/pla/lib/QueryRender.php b/lam/templates/3rdParty/pla/lib/QueryRender.php
index 2c9f787c..db1c4f9d 100644
--- a/lam/templates/3rdParty/pla/lib/QueryRender.php
+++ b/lam/templates/3rdParty/pla/lib/QueryRender.php
@@ -455,7 +455,7 @@ class QueryRender extends PageRender {
$this->getAjaxRef($base),
$this->getAjaxRef($base),
($show == $this->getAjaxRef($base) ? '#F0F0F0' : '#E0E0E0'),
- $base);
+ htmlspecialchars($base));
}
echo '';
echo '';
@@ -503,7 +503,7 @@ class QueryRender extends PageRender {
echo ' ]';
echo '
';
- printf('%s: %s',_('Base DN'),$base);
+ printf('%s: %s',_('Base DN'), htmlspecialchars($base));
echo '
';
printf('%s: %s',_('Filter performed'),htmlspecialchars($this->template->resultsdata[$base]['filter']));