diff --git a/lib/pretty_text/helpers.rb b/lib/pretty_text/helpers.rb
index fa61e9efc2f..1c0c2f0e1a1 100644
--- a/lib/pretty_text/helpers.rb
+++ b/lib/pretty_text/helpers.rb
@@ -50,7 +50,7 @@ module PrettyText
 topic = Topic.find_by(id: topic_id)
 if topic && Guardian.new.can_see?(topic)
 {
- title: topic.title,
+ title: Rack::Utils.escape_html(topic.title),
 href: topic.url
 }
 end
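Review bot: The escaped `title` in the returned hash has no comment saying the value is now HTML rather than raw text, so a later consumer that escapes it again, or a new one that assumes raw text, will get it wrong. I would add `# title is HTML-escaped: the consumer is assumed to insert it into cooked markup as-is` above the `title:` line. `href: topic.url` on the following line is still returned unescaped, which is presumably fine if the URL is built only from a slug and an id, but that is not visible here and is worth confirming. A regression spec that looks up a topic whose title contains markup characters and asserts the escaped form would pin this fix. The enclosing method starts and ends outside the hunk.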