diff --git a/admin/all.php b/admin/all.php
index 5b74cbb..3d0f591 100644
--- a/admin/all.php
+++ b/admin/all.php
@@ -38,7 +38,7 @@ foreach (array_reverse($rows) as $i){
     if ($i["isrespondedto"] === "f" && $i["ispublic"] == "t") {
         echo("<div class=\"question\">");
         if ($i["iscwed"] === "t") {
-            echo("<details><summary>cw: " . $i["cw"] . "</summary><span class=\"cwfiller\"></span>");
+            echo("<details><summary>cw: " . htmlspecialchars($i["cw"]) . "</summary><span class=\"cwfiller\"></span>");
         }
         echo(htmlspecialchars($i["text"]));
         echo("<div class=\"time\">" . $i["time"] . "</div>");
@@ -74,4 +74,4 @@ foreach (array_reverse($rows) as $i){
     }
 }
 
-?>
\ No newline at end of file
+?>
diff --git a/index.php b/index.php
index 6146864..999474d 100644
--- a/index.php
+++ b/index.php
@@ -36,7 +36,7 @@ foreach (array_reverse($rows) as $i){
     if ($i["ispublic"] === "t" && $i["isrespondedto"] === "t") {
         echo("<div class=\"question\">");
         if ($i["iscwed"] === "t") {
-            echo("<details><summary>cw: " . $i["cw"] . "</summary><span class=\"cwfiller\"></span>");
+            echo("<details><summary>cw: " . htmlspecialchars($i["cw"]) . "</summary><span class=\"cwfiller\"></span>");
         }
         echo(htmlspecialchars($i["text"]));
         echo("<div class=\"time\">" . $i["time"] . "</div>");
@@ -46,4 +46,4 @@ foreach (array_reverse($rows) as $i){
     }
 }
 
-?>
\ No newline at end of file
+?>