diff --git a/app/Controllers/Api/Profile/Update.php b/app/Controllers/Api/Profile/Update.php
index 6b2e7e5..d3c0006 100644
--- a/app/Controllers/Api/Profile/Update.php
+++ b/app/Controllers/Api/Profile/Update.php
@@ -27,7 +27,7 @@ class Update
                 }
 
                 if (strpos($key, 'OnMain') === false) {
-                    $dataArray[$paramKey]['value'] = $value;
+                    $dataArray[$paramKey]['value'] = htmlentities($value);
                 }
             }
         }