diff --git a/workflow/engine/classes/model/AppNotes.php b/workflow/engine/classes/model/AppNotes.php
index b5b7e446d..43dd7609e 100755
--- a/workflow/engine/classes/model/AppNotes.php
+++ b/workflow/engine/classes/model/AppNotes.php
@@ -64,7 +64,7 @@ class AppNotes extends BaseAppNotes
         $oDataset->next();
 
         while ($aRow = $oDataset->getRow()) {
-            $aRow['NOTE_CONTENT'] = stripslashes( $aRow['NOTE_CONTENT'] );
+            $aRow['NOTE_CONTENT'] = htmlentities(stripslashes( $aRow['NOTE_CONTENT'] ));
             $response['notes'][] = $aRow;
             $oDataset->next();
         }