diff --git a/workflow/engine/methods/groups/groups_Ajax.php b/workflow/engine/methods/groups/groups_Ajax.php
index b048b3162..867a575df 100644
--- a/workflow/engine/methods/groups/groups_Ajax.php
+++ b/workflow/engine/methods/groups/groups_Ajax.php
@@ -129,15 +129,20 @@ switch ($_POST['action']) {
 echo G::json_encode( $result );
 break;
 case 'exitsGroupName':
- require_once 'classes/model/Groupwf.php';
- G::LoadClass( 'Groupswf' );
- $oGroup = new Groupwf();
- $oCriteria = $oGroup->loadByGroupname( $_POST['GRP_NAME'] );
- $oDataset = GroupwfPeer::doSelectRS( $oCriteria );
- $oDataset->setFetchmode( ResultSet::FETCHMODE_ASSOC );
- $oDataset->next();
- $aRow = $oDataset->getRow();
- $response = ($aRow) ? 'true' : 'false';
+ $groupName = strip_tags($_POST['GRP_NAME']);
+ if ($groupName) {
+ require_once 'classes/model/Groupwf.php';
+ G::LoadClass('Groupswf');
+ $oGroup = new Groupwf();
+ $oCriteria = $oGroup->loadByGroupname($_POST['GRP_NAME']);
+ $oDataset = GroupwfPeer::doSelectRS($oCriteria);
+ $oDataset->setFetchmode(ResultSet::FETCHMODE_ASSOC);
+ $oDataset->next();
+ $aRow = $oDataset->getRow();
+ $response = ($aRow) ? \G::json_encode(['success' => true]) : \G::json_decode(['success' => false]);
+ } else {
+ $response = \G::json_encode(['success' => true, 'msg' => \G::LoadTranslation('ID_FIELD_INVALID')]);
+ }
 echo $response;
 break;
 case 'saveNewGroup':
diff --git a/workflow/engine/templates/groups/groupsList.js b/workflow/engine/templates/groups/groupsList.js
index c4cb48656..6833a45e8 100644
--- a/workflow/engine/templates/groups/groupsList.js
+++ b/workflow/engine/templates/groups/groupsList.js
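Review bot: The "name not found" arm of the new ternary in `exitsGroupName` calls `\G::json_decode(['success' => false])`, so the one case that tells the client a name is free does not emit the JSON object the other two arms do; both arms can be written as `$response = \G::json_encode(['success' => (bool) $aRow]);`. The `strip_tags()` result in `$groupName` is only tested for truthiness while `loadByGroupname()` still receives the raw `$_POST['GRP_NAME']`, so a name that carries markup alongside any other text passes unchanged and a name of `'0'` is reported as invalid; if the intent is to refuse markup, compare the two values, e.g. `if ($groupName !== '' && $groupName === $_POST['GRP_NAME'])`. This check sits only in the lookup action, and the `saveNewGroup` case begins on the last line of the hunk with its body not shown, so confirm the same validation is enforced there because a request can reach the save path without calling this action first. The enclosing `switch` starts and ends outside the hunk.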
@@ -182,7 +182,13 @@ Ext.onReady(function(){
 text: _("ID_SAVE"),
 handler: function (btn, ev) {
- if( newForm.getForm().findField('name').getValue().trim() == "") {
+ var reg = new RegExp(/(<([^>]+)>)/ig),
+ nameGroups = newForm.getForm().findField('name').getValue();
+ if (reg.test(nameGroups)){
+ Ext.Msg.alert(_('ID_WARNING'), _("ID_FIELD_INVALID", _("ID_GROUP_NAME")));
+ newForm.getForm().findField('name').setValue("");
+ return false;
+ } else if (nameGroups.trim() == "") {
 Ext.Msg.alert(_('ID_WARNING'), _("ID_FIELD_REQUIRED", _("ID_GROUP_NAME")));
 newForm.getForm().findField('name').setValue("");
 return false;
@@ -434,8 +440,8 @@ CheckGroupName = function(grp_name, function_success, function_failure){
 params: {action: 'exitsGroupName', GRP_NAME: grp_name},
 success: function(resp, opt){
 viewport.getEl().unmask();
- var checked = eval(resp.responseText);
- (!checked) ? function_success() : function_failure();
+ var response = JSON.parse(resp.responseText);
+ (!response.success) ? function_success() : function_failure(response.msg);
 },
 failure: function(r,o) {
 viewport.getEl().unmask();
@@ -452,11 +458,11 @@ SaveNewGroupAction = function(){
 };
 //Show Duplicate Group Name Message
-DuplicateGroupName = function(){
- Ext.getCmp("btnCreateSave").setDisabled(false);
- Ext.getCmp("btnUpdateSave").setDisabled(false);
-
- PMExt.warning(_('ID_GROUPS'), _('ID_MSG_GROUP_NAME_EXISTS'));
+DuplicateGroupName = function (msg) {
+ Ext.getCmp("btnCreateSave").setDisabled(false);
+ Ext.getCmp("btnUpdateSave").setDisabled(false);
+ newForm.getForm().findField('name').setValue("");
+ PMExt.warning(_('ID_GROUPS'), msg ? msg : _('ID_MSG_GROUP_NAME_EXISTS'));
 };
 //Save New Group
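Review bot: The tag check added to the Save handler runs only in the browser, so it gives the user feedback but cannot be the control that keeps markup out of group names; the server has to reject or encode the value on the save path and wherever names are rendered, neither of which this hunk shows. The pattern matches only a complete `<…>` pair, so it should be documented as a usability hint rather than a filter, for example with `// UX hint only: server-side validation and output encoding are the real control`. `new RegExp(/…/ig)` wraps a literal that is already a RegExp and the `g` flag makes `test()` stateful, so `var reg = /<[^>]+>/;` is sufficient. The handler body continues outside the hunk.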
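Review bot: `JSON.parse(resp.responseText)` in the `success` callback of `CheckGroupName` is unguarded, so a body that is not JSON (an HTML error or login page, a PHP warning, or possibly whatever the `\G::json_decode(...)` arm in groups_Ajax.php emits) throws after the mask is removed and neither `function_success` nor `function_failure` runs. Wrap the parse in `try { … } catch (e) { … }` and hand the error to the same handling the `failure` callback uses. The flag also reads backwards, since `success: true` routes to `function_failure`; a comment such as `// success === true: name already exists or is invalid; msg is optional` would keep the next reader from inverting it. `CheckGroupName` starts and ends outside the hunk.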
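Review bot: `DuplicateGroupName` now clears the name field of `newForm` unconditionally while still re-enabling both `btnCreateSave` and `btnUpdateSave`, which suggests it is also the failure callback for the edit dialog; if that is the case, the edit form keeps the rejected value and the create form is reset instead. Clearing the field also discards what the user typed when the only problem is a duplicate name, so consider clearing it only when `msg` is set. `msg` originates from the server response and is passed straight to `PMExt.warning`; confirm that helper renders it as text or that only translation strings can reach it. `msg ? msg : _('ID_MSG_GROUP_NAME_EXISTS')` can be written as `msg || _('ID_MSG_GROUP_NAME_EXISTS')`.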