diff --git a/inc/parser/xhtml.php b/inc/parser/xhtml.php
index 1a7a5a7d023de376a0c571c0c15911f70f585827..99929d375d5952aeb5b1f30061319a5073f15f96 100644
--- a/inc/parser/xhtml.php
+++ b/inc/parser/xhtml.php
@@ -1287,7 +1287,7 @@ class Doku_Renderer_xhtml extends Doku_Renderer {
                     if($author) {
                         $name = $author->get_name();
                         if(!$name) $name = $author->get_email();
-                        if($name) $this->doc .= ' '.$lang['by'].' '.$name;
+                        if($name) $this->doc .= ' '.$lang['by'].' '.hsc($name);
                     }
                 }
                 if($params['date']) {