diff --git a/app/views/attachments/diff.rhtml b/app/views/attachments/diff.rhtml
index 36db0af52..36e47217b 100644
--- a/app/views/attachments/diff.rhtml
+++ b/app/views/attachments/diff.rhtml
@@ -2,7 +2,7 @@
 
 <div class="attachments">
 <p><%= h("#{@attachment.description} - ") unless @attachment.description.blank? %>
-   <span class="author"><%= @attachment.author %>, <%= format_time(@attachment.created_on) %></span></p>
+   <span class="author"><%= link_to_user(@attachment.author) %>, <%= format_time(@attachment.created_on) %></span></p>
 <p><%= link_to_attachment @attachment, :text => l(:button_download), :download => true -%>
    <span class="size">(<%= number_to_human_size @attachment.filesize %>)</span></p>
 
@@ -10,7 +10,7 @@
 &nbsp;
 <%= render :partial => 'common/diff', :locals => {:diff => @diff, :diff_type => @diff_type} %>
 
-<% html_title @attachment.filename %>
+<% html_title h(@attachment.filename) %>
 
 <% content_for :header_tags do -%>
     <%= stylesheet_link_tag "scm" -%>