diff --git a/dev/tools/apstats.php b/dev/tools/apstats.php
index 900d75bdd64..b1748d0367c 100755
--- a/dev/tools/apstats.php
+++ b/dev/tools/apstats.php
@@ -667,7 +667,7 @@ if (!empty($output_arrtd)) {
$tmp .= '| ';
$tmp .= ''.$reg[2].'';
$tmp .= ' | ';
- $tmp .= ''.$reg[4].' | ';
+ $tmp .= ''.dol_escape_htmltag($reg[4]).' | ';
$tmp .= ''."\n";
$nblines++;
}
@@ -704,7 +704,7 @@ if (count($output_phan_json) != 0) {
$tmp .= '';
$tmp .= ''.$line_range_txt.'';
$tmp .= ' | ';
- $tmp .= ''.$description.' | ';
+ $tmp .= ''.dol_escape_htmltag($description).' | ';
$tmp .= '';
$phan_items[] = $tmp;
@@ -760,7 +760,7 @@ foreach ($arrayofalerts as $alert) {
$html .= 'CVE-'.$cve.'';
}
$html .= '';
- $html .= ''.$alert['title'].' | ';
+ $html .= ''.dol_escape_htmltag($alert['title']).' | ';
$html .= '';
}
$html .= '';