diff --git a/app/controllers/issues_controller.rb b/app/controllers/issues_controller.rb
index 177fdeb38..3bb1496fb 100644
--- a/app/controllers/issues_controller.rb
+++ b/app/controllers/issues_controller.rb
@@ -550,7 +550,7 @@ class IssuesController < ApplicationController
         time_entry.issue = @issue
         time_entry.user = User.current
         time_entry.spent_on = User.current.today
-        time_entry.attributes = params[:time_entry]
+        time_entry.safe_attributes = params[:time_entry]
         @issue.time_entries << time_entry
       end