diff --git a/core/users/user_settings.php b/core/users/user_settings.php
index e45ead696e..2ea79043ef 100644
--- a/core/users/user_settings.php
+++ b/core/users/user_settings.php
@@ -234,13 +234,13 @@
echo " | \n";
echo " ".$text['label-'.$row['user_setting_enabled']]."\n";
echo " | \n";
- echo " ".$row['user_setting_description']." | \n";
+ echo " ".escape($row['user_setting_description'])." | \n";
echo " ";
if (permission_exists('user_setting_edit')) {
- echo "$v_link_label_edit";
+ echo "$v_link_label_edit";
}
if (permission_exists('user_setting_delete')) {
- echo "$v_link_label_delete";
+ echo "$v_link_label_delete";
}
echo " | \n";
echo "\n";