diff --git a/main/social/profile_friends_and_groups.inc.php b/main/social/profile_friends_and_groups.inc.php
index 111d2a7115..825bcc4291 100644
--- a/main/social/profile_friends_and_groups.inc.php
+++ b/main/social/profile_friends_and_groups.inc.php
@@ -74,8 +74,8 @@ if (isset($_GET['view']) && in_array($_GET['view'], $views)) {
 					$count_users_group = $count_users_group.' '.get_lang('Members');
 				}										
 				$picture = GroupPortalManager::get_picture_group($result['id'], $result['picture_uri'],80);
-				$item_name = '<div class="box_shared_profile_group_title">'.$url_open.'<span class="social-groups-text1">'.api_strtoupper($name).'</span>'. $icon.$url_close.'</div>';
-				$item_description = '<div class="box_shared_profile_group_description"><span class="social-groups-text2">'.get_lang('DescriptionGroup').'</span><p class="social-groups-text4">'.cut($result['description'],120,true).'</p></div>';  															
+				$item_name = '<div class="box_shared_profile_group_title">'.$url_open.'<span class="social-groups-text1">'.api_xml_http_response_encode(api_strtoupper($name)).'</span>'. $icon.$url_close.'</div>';
+				$item_description = '<div class="box_shared_profile_group_description"><span class="social-groups-text2">'.api_xml_http_response_encode(get_lang('GroupDescription')).'</span><p class="social-groups-text4">'.cut(api_xml_http_response_encode($result['description']),120,true).'</p></div>';  															
 				$result['picture_uri'] = '<div class="box_shared_profile_group_image"><img class="social-groups-image" src="'.$picture['file'].'" hspace="4" height="50" border="2" align="left" width="50" /></div>';
 				$item_actions = '';
 				if (api_get_user_id() == $user_id) {