diff --git a/workflow/engine/src/ProcessMaker/Services/Api/Project/ProcessSupervisors.php b/workflow/engine/src/ProcessMaker/Services/Api/Project/ProcessSupervisors.php
index 1d2575ea2..1bfe40447 100644
--- a/workflow/engine/src/ProcessMaker/Services/Api/Project/ProcessSupervisors.php
+++ b/workflow/engine/src/ProcessMaker/Services/Api/Project/ProcessSupervisors.php
@@ -31,7 +31,7 @@ class ProcessSupervisors extends Api
 
             return (preg_match("/^.*\/paged.*$/", $this->restler->url))? $response : $response["data"];
         } catch (\Exception $e) {
-            throw new RestException(Api::STAT_APP_EXCEPTION, $e->getMessage());
+            throw new RestException(Api::STAT_APP_EXCEPTION, htmlspecialchars($e->getMessage()));
         }
     }