diff --git a/views/bootstrap/class.ViewDocument.php b/views/bootstrap/class.ViewDocument.php
index 0d2191f49..2f5478b18 100644
--- a/views/bootstrap/class.ViewDocument.php
+++ b/views/bootstrap/class.ViewDocument.php
@@ -421,7 +421,7 @@ $(document).ready( function() {
 if($document->getComment()) {
 if($settings->_markdownComments) {
 $Parsedown = new Parsedown();
- $comment = $Parsedown->text($document->getComment());
+ $comment = $Parsedown->text(htmlspecialchars($document->getComment()));
 } else {
 $comment = htmlspecialchars($document->getComment());
 }
@@ -773,7 +773,7 @@ $(document).ready( function() {
 if($latestContent->getComment())
 if($settings->_markdownComments) {
 $Parsedown = new Parsedown();
- $comment = $Parsedown->text($latestContent->getComment());
+ $comment = $Parsedown->text(htmlspecialchars($latestContent->getComment()));
 print "
".$comment."
";
 } else {
 $comment = htmlspecialchars($latestContent->getComment());
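Review bot: Running htmlspecialchars() over the comment before it reaches Parsedown (the `+` line in both hunks, at 421 and at 773) also encodes markdown's own `>` and quote characters, so blockquotes and quoted link titles in existing comments stop rendering, and as far as I can tell it does nothing about link destinations with unsafe URL schemes, which a markdown renderer otherwise emits into href attributes. If the bundled Parsedown is 1.7 or newer, its safe mode escapes raw HTML and filters unsafe link schemes without mangling the markdown: `$Parsedown->setSafeMode(true);` followed by `$comment = $Parsedown->text($document->getComment());` (and the `$latestContent` equivalent at 773). With an older Parsedown, `$Parsedown->setMarkupEscaped(true);` escapes raw HTML but leaves link schemes unchecked, which is worth stating in a comment next to it. Either way, a short why-comment on the Parsedown construction such as `// comments are untrusted user input: never let raw HTML through the markdown renderer` would keep the next maintainer from removing the escaping.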