diff --git a/app/views/auth_sources/new.rhtml b/app/views/auth_sources/new.rhtml
index 2d493dc3a..d0b9b1d43 100644
--- a/app/views/auth_sources/new.rhtml
+++ b/app/views/auth_sources/new.rhtml
@@ -1,4 +1,4 @@
-<h2><%=l(:label_auth_source_new)%> (<%= @auth_source.auth_method_name %>)</h2>
+<h2><%=l(:label_auth_source_new)%> (<%= h(@auth_source.auth_method_name) %>)</h2>
 
 <% form_tag({:action => 'create'}, :class => "tabular") do %>
   <%= render :partial => 'form' %>