diff --git a/app/views/issues/edit.rhtml b/app/views/issues/edit.rhtml
index 60cdafc1..1666d0fd 100644
--- a/app/views/issues/edit.rhtml
+++ b/app/views/issues/edit.rhtml
@@ -1,4 +1,4 @@
-<h2><%= @issue.tracker.name %> #<%= @issue.id %> - <%= @issue.subject %></h2>
+<h2><%= @issue.tracker.name %> #<%= @issue.id %> - <%=h @issue.subject %></h2>
 
 <% labelled_tabular_form_for :issue, @issue, :url => {:action => 'edit'} do |f| %>
 <%= error_messages_for 'issue' %>