diff --git a/scm-core/pom.xml b/scm-core/pom.xml index ae18a384ac..23f0086797 100644 --- a/scm-core/pom.xml +++ b/scm-core/pom.xml @@ -74,6 +74,17 @@ guava 11.0.2 + + + + + commons-lang + commons-lang + 2.6 + diff --git a/scm-core/src/main/java/sonia/scm/repository/ChangesetViewerUtil.java b/scm-core/src/main/java/sonia/scm/repository/ChangesetViewerUtil.java index e535667592..75c62964e5 100644 --- a/scm-core/src/main/java/sonia/scm/repository/ChangesetViewerUtil.java +++ b/scm-core/src/main/java/sonia/scm/repository/ChangesetViewerUtil.java @@ -37,6 +37,7 @@ package sonia.scm.repository; import com.google.inject.Inject; + import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -136,8 +137,7 @@ public class ChangesetViewerUtil extends PartCacheClearHook if (changeset != null) { - callPreProcessors(changeset); - callPreProcessorFactories(repository, changeset); + prepareForReturn(repository, changeset); result = new ChangesetPagingResult(1, Arrays.asList(changeset)); cache.put(key, result); } @@ -301,8 +301,7 @@ public class ChangesetViewerUtil extends PartCacheClearHook { if (Util.isNotEmpty(result.getChangesets())) { - callPreProcessors(result); - callPreProcessorFactories(repository, result); + prepareForReturn(repository, result); } cache.put(key, result); @@ -365,8 +364,7 @@ public class ChangesetViewerUtil extends PartCacheClearHook { if (Util.isNotEmpty(result.getChangesets())) { - callPreProcessors(result); - callPreProcessorFactories(repository, result); + prepareForReturn(repository, result); } cache.put(key, result); 
@@ -470,6 +468,37 @@ public class ChangesetViewerUtil extends PartCacheClearHook } } + + + /** + * Method description + * + * + * @param repository + * @param result + */ + private void prepareForReturn(Repository repository, + ChangesetPagingResult result) + { + EscapeUtil.escape(result); + callPreProcessors(result); + callPreProcessorFactories(repository, result); + } + + /** + * Method description + * + * + * @param repository + * @param changeset + */ + private void prepareForReturn(Repository repository, Changeset changeset) + { + EscapeUtil.escape(changeset); + callPreProcessors(changeset); + callPreProcessorFactories(repository, changeset); + } + //~--- inner classes -------------------------------------------------------- /** diff --git a/scm-core/src/main/java/sonia/scm/repository/EscapeUtil.java b/scm-core/src/main/java/sonia/scm/repository/EscapeUtil.java new file mode 100644 index 0000000000..291bd4a553 --- /dev/null +++ b/scm-core/src/main/java/sonia/scm/repository/EscapeUtil.java 
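Review bot: Both `prepareForReturn` overloads keep the generated `Method description` Javadoc, although they now define a security-relevant contract: the changeset is HTML-escaped in place, before the pre-processors run, and the three call sites in the earlier hunks then store the escaped object with `cache.put`. I would replace the placeholder with something like `Escapes the user-controlled fields of the changeset for HTML output, then runs the pre-processors; call once per result, before it is cached.` Because `EscapeUtil.escape` mutates its argument, a second pass over the same object would turn `&lt;` into `&amp;lt;`; whether the viewer can hand back an already-escaped instance is not visible from this hunk, so that is worth confirming. The class body continues outside the hunk.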
@@ -0,0 +1,157 @@
+/**
+ * Copyright (c) 2010, Sebastian Sdorra All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer. 2. Redistributions in
+ * binary form must reproduce the above copyright notice, this list of
+ * conditions and the following disclaimer in the documentation and/or other
+ * materials provided with the distribution. 3. Neither the name of SCM-Manager;
+ * nor the names of its contributors may be used to endorse or promote products
+ * derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR
+ * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+ * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * http://bitbucket.org/sdorra/scm-manager
+ *
+ */
+
+
+
+package sonia.scm.repository;
+
+//~--- non-JDK imports --------------------------------------------------------
+
+import com.google.common.collect.Lists;
+
+import org.apache.commons.lang.StringEscapeUtils;
+
+import sonia.scm.util.Util;
+
+//~--- JDK imports ------------------------------------------------------------
+
+import java.util.List;
+
+/**
+ *
+ * @author Sebastian Sdorra
+ * @since 1.15
+ */
+public class EscapeUtil
+{
+
+ /**
+ * Method description
+ *
+ *
+ * @param result
+ */
+ public static void escape(BrowserResult result)
+ {
+ result.setBranch(escape(result.getBranch()));
+ result.setTag(escape(result.getTag()));
+
+ for (FileObject fo : result)
+ {
+ escape(fo);
+ }
+ }
+
+ /**
+ * Method description
+ *
+ *
+ * @param fo
+ */
+ public static void escape(FileObject fo)
+ {
+ fo.setDescription(escape(fo.getDescription()));
+ fo.setName(fo.getName());
+ fo.setPath(fo.getPath());
+ }
+
+ /**
+ * Method description
+ *
+ *
+ * @param changeset
+ */
+ public static void escape(Changeset changeset)
+ {
+ changeset.setDescription(escape(changeset.getDescription()));
+
+ Person person = changeset.getAuthor();
+
+ if (person != null)
+ {
+ person.setName(escape(person.getName()));
+ person.setMail(escape(person.getMail()));
+ }
+
+ changeset.setBranches(escapeList(changeset.getBranches()));
+ changeset.setTags(escapeList(changeset.getTags()));
+ }
+
+ /**
+ * Method description
+ *
+ *
+ * @param result
+ */
+ public static void escape(ChangesetPagingResult result)
+ {
+ for (Changeset c : result)
+ {
+ escape(c);
+ }
+ }
+
+ /**
+ * Method description
+ *
+ *
+ * @param value
+ *
+ * @return
+ */
+ public static String escape(String value)
+ {
+ return StringEscapeUtils.escapeHtml(value);
+ }
+
+ /**
+ * Method description
+ *
+ *
+ * @param values
+ *
+ * @return
+ */
+ public static List escapeList(List values)
+ {
+ if (Util.isNotEmpty(values))
+ {
+ List newList = 
Lists.newArrayList(); + + for (String v : values) + { + newList.add(StringEscapeUtils.escapeHtml(v)); + } + + values = newList; + } + + return values; + } +} diff --git a/scm-core/src/main/java/sonia/scm/repository/RepositoryBrowserUtil.java b/scm-core/src/main/java/sonia/scm/repository/RepositoryBrowserUtil.java index f229c90c09..db31d17287 100644 --- a/scm-core/src/main/java/sonia/scm/repository/RepositoryBrowserUtil.java +++ b/scm-core/src/main/java/sonia/scm/repository/RepositoryBrowserUtil.java @@ -170,6 +170,7 @@ public class RepositoryBrowserUtil extends PartCacheClearHook if (result != null) { sort(result); + EscapeUtil.escape(result); callPreProcessors(result); callPreProcessorFactories(repository, result); }
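Review bot: `escape(FileObject)` escapes only the description: `fo.setName(fo.getName())` and `fo.setPath(fo.getPath())` write the values back unchanged, so file names and paths, which any committer controls, still leave this class unescaped. If the intent was to escape them, the lines should read `fo.setName(escape(fo.getName()));` and `fo.setPath(escape(fo.getPath()));`; if the path has to stay raw because it is sent back to the server for lookups, drop the two no-op setters, say so in a comment, and make sure the view encodes it on output. The `EscapeUtil.escape(result)` call added in RepositoryBrowserUtil inherits this gap. Separately, commons-lang 2.6 `escapeHtml` does not encode the apostrophe, so the escaped values are safe in element content and double-quoted attributes only; that limit belongs in the class Javadoc, which is currently empty.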