diff --git a/airtime_mvc/application/controllers/AudiopreviewController.php b/airtime_mvc/application/controllers/AudiopreviewController.php
index 302e8c545..6955fccd9 100644
--- a/airtime_mvc/application/controllers/AudiopreviewController.php
+++ b/airtime_mvc/application/controllers/AudiopreviewController.php
@@ -62,8 +62,8 @@ class AudiopreviewController extends Zend_Controller_Action
 $this->view->audioFileID = $audioFileID;
 // We need to decode artist and title because it gets
 // encoded twice in js
- $this->view->audioFileArtist = urldecode($audioFileArtist);
- $this->view->audioFileTitle = urldecode($audioFileTitle);
+ $this->view->audioFileArtist = htmlspecialchars(urldecode($audioFileArtist));
+ $this->view->audioFileTitle = htmlspecialchars(urldecode($audioFileTitle));
 $this->view->type = $type;
 $this->_helper->viewRenderer->setRender('audio-preview');
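Review bot: The two added `htmlspecialchars()` calls rely on the default flags and charset, and before PHP 8.1 the default (`ENT_COMPAT`) leaves single quotes unescaped, so the values are only safe in element content or double-quoted attributes. Passing the arguments explicitly removes that dependency on the runtime version: `$this->view->audioFileArtist = htmlspecialchars(urldecode($audioFileArtist), ENT_QUOTES, 'UTF-8');` and the same for `audioFileTitle`. `audioFileID` and `type` are assigned to the view in the same hunk without escaping; if they also originate from request parameters and are echoed by the `audio-preview` template (not visible here), they need the same escaping or strict validation. Escaping in the controller also ties the values to HTML context, so a template that places them inside a script block or a URL would still need context-specific encoding at that point. The enclosing action method starts and ends outside the hunk.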