diff --git a/app/views/auth_sources/edit.rhtml b/app/views/auth_sources/edit.rhtml
index 165fd4f3e..e2c99aa3c 100644
--- a/app/views/auth_sources/edit.rhtml
+++ b/app/views/auth_sources/edit.rhtml
@@ -1,4 +1,4 @@
-<h2><%=l(:label_auth_source)%> (<%= @auth_source.auth_method_name %>)</h2>
+<h2><%=l(:label_auth_source)%> (<%= h(@auth_source.auth_method_name) %>)</h2>
 
 <% form_tag({:action => 'update', :id => @auth_source}, :class => "tabular") do %>
   <%= render :partial => 'form' %>