diff --git a/views/bootstrap/class.UsrMgr.php b/views/bootstrap/class.UsrMgr.php
index f5aa18b01..64a3a5d62 100644
--- a/views/bootstrap/class.UsrMgr.php
+++ b/views/bootstrap/class.UsrMgr.php
@@ -320,7 +320,7 @@ $(document).ready( function() {
 		);
 		$options = array();
 		foreach($groups as $group) {
-			$options[] = array($group->getID(), $group->getName(), ($currUser && $group->isMember($currUser)));
+			$options[] = array($group->getID(), htmlspecialchars($group->getName()), ($currUser && $group->isMember($currUser)));
 		}
 		$this->formField(
 			getMLText("groups"),