diff --git a/doku.php b/doku.php
index 42624fd2e8d908ec1fdec72b87e603a8c0c9e24f..cbb4959142fa13790ece0c1a06b17474fe0991a3 100644
--- a/doku.php
+++ b/doku.php
@@ -62,7 +62,7 @@ if($DATE_AT) {
     } else { // check for UNIX Timestamp
         $date_parse = @date('Ymd',$DATE_AT);
         if(!$date_parse || $date_parse === '19700101') {
-            msg(sprintf($lang['unable_to_parse_date'], $DATE_AT));
+            msg(sprintf($lang['unable_to_parse_date'], htmlspecialchars($DATE_AT)));
             $DATE_AT = null;
         }
     }