diff --git a/pages/ajax.searchform.php b/pages/ajax.searchform.php
index e6e3c9572..5bdcfd343 100644
--- a/pages/ajax.searchform.php
+++ b/pages/ajax.searchform.php
@@ -75,7 +75,7 @@ try
 
     if (array_key_exists('table_inner_id', $aListParams))
     {
-        $sListId = $aListParams['table_inner_id'];
+        $sListId = utils::HtmlEntities($aListParams['table_inner_id']);
     }
 
 	if (array_key_exists('json', $aListParams))