diff --git a/application/webpage.class.inc.php b/application/webpage.class.inc.php
index d2c4b9fc5..324a1bdaa 100644
--- a/application/webpage.class.inc.php
+++ b/application/webpage.class.inc.php
@@ -511,7 +511,7 @@ class WebPage implements Page
 $sDataAttributeCode = isset($aAttrib['attcode']) ? 'data-attribute-code="'.$aAttrib['attcode'].'"' : '';
 $sDataAttributeType = isset($aAttrib['atttype']) ? 'data-attribute-type="'.$aAttrib['atttype'].'"' : '';
 $sDataAttributeLabel = isset($aAttrib['attlabel']) ? 'data-attribute-label="'.utils::HtmlEntities($aAttrib['attlabel']).'"' : '';
- $sDataValueRaw = isset($aAttrib['value_raw']) ? 'data-value-raw="'.$aAttrib['value_raw'].'"' : '';
+ $sDataValueRaw = isset($aAttrib['value_raw']) ? 'data-value-raw="'.utils::HtmlEntities($aAttrib['value_raw']).'"' : '';
 $sHtml .= "
\n"; $sHtml .= "
{$aAttrib['label']}
\n";
diff --git a/core/attributedef.class.inc.php b/core/attributedef.class.inc.php
index 1dcfc8f64..9111f0492 100644
--- a/core/attributedef.class.inc.php
+++ b/core/attributedef.class.inc.php
@@ -1032,10 +1032,10 @@ abstract class AttributeDefinition
 // Metadata
 $oFormField->AddMetadata('attribute-code', $this->GetCode());
 $oFormField->AddMetadata('attribute-type', get_class($this));
- $oFormField->AddMetadata('attribute-label', $this->GetLabel());
+ $oFormField->AddMetadata('attribute-label', utils::HtmlEntities($this->GetLabel()));
 if ($this::IsScalar())
 {
- $oFormField->AddMetadata('value-raw', $oObject->Get($this->GetCode()));
+ $oFormField->AddMetadata('value-raw', utils::HtmlEntities($oObject->Get($this->GetCode())));
 }
 return $oFormField;
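Review bot: In application/webpage.class.inc.php, the `data-attribute-code` and `data-attribute-type` attributes on the context lines directly above the fixed line are still built by plain concatenation of `$aAttrib['attcode']` and `$aAttrib['atttype']`, so the hunk leaves the attribute string only partly escaped. These are presumably internal identifiers, but wrapping them the same way, e.g. `'data-attribute-code="'.utils::HtmlEntities($aAttrib['attcode']).'"'`, keeps every value in this tag under one rule and removes the need to reason about where each one comes from. The trailing context also interpolates `{$aAttrib['label']}` into `$sHtml` as is; if that label is meant to carry markup, a one-line comment saying where it was sanitized would help. The enclosing method starts and ends outside the hunk, and the `$sHtml` lines appear truncated on this page.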
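Review bot: In core/attributedef.class.inc.php, the escaping is applied when the metadata is stored (`AddMetadata('value-raw', utils::HtmlEntities(...))`) rather than where it is written into markup, which ties correctness to how the renderer behaves. If the renderer that emits these metadata entries also escapes them, the values will be double-encoded, and any code reading the metadata directly now gets entity-encoded text instead of the raw value its key name promises. `$oObject->Get($this->GetCode())` may also return a non-string for some scalar attributes, so it is worth confirming `utils::HtmlEntities` handles that. If the renderer cannot be changed here, a comment such as `// Escaped here because metadata is output verbatim as data-* attributes` above the `// Metadata` block would record the contract. The enclosing method starts outside the hunk.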