diff --git a/src/Debug/Debug.py b/src/Debug/Debug.py
index 960d260c..004c2d6b 100644
--- a/src/Debug/Debug.py
+++ b/src/Debug/Debug.py
@@ -1,5 +1,6 @@
 import sys
 import os
+import cgi
 from Config import config
 
 
@@ -30,7 +31,7 @@ def formatException(err=None, format="text"):
         file = os.path.split(path)[1]
         tb.append("%s line %s" % (file, line))
     if format == "html":
-        return "%s: %s<br><small>%s</small>" % (exc_type.__name__, err, " > ".join(tb))
+        return "%s: %s<br><small>%s</small>" % (exc_type.__name__, cgi.escape(str(err)), " > ".join(tb))
     else:
         return "%s: %s in %s" % (exc_type.__name__, err, " > ".join(tb))