diff --git a/main/inc/ajax/message.ajax.php b/main/inc/ajax/message.ajax.php
index 1b5384d0f0..d2a4c66beb 100755
--- a/main/inc/ajax/message.ajax.php
+++ b/main/inc/ajax/message.ajax.php
@@ -17,7 +17,7 @@ switch ($action) {
 		$tbl_my_user		= Database :: get_main_table(TABLE_MAIN_USER);
 		$tbl_my_user_friend = Database :: get_main_table(TABLE_MAIN_USER_REL_USER);
 		$tbl_user 			= Database :: get_main_table(TABLE_MAIN_USER);
-		$search				= Database::escape_string(Security::remove_XSS($_POST['search']));
+		$search				= Database::escape_string($_POST['search']);
 		$current_date		= date('Y-m-d H:i:s',time());
 
 		$user_id = api_get_user_id();