diff --git a/pages/ajax.render.php b/pages/ajax.render.php
index f08fea0fa..17a666c0a 100644
--- a/pages/ajax.render.php
+++ b/pages/ajax.render.php
@@ -1352,7 +1352,7 @@ EOF
 			$aParams = utils::ReadParam('params', '', false, 'raw_data');
 			$sDashletClass = $aParams['attr_dashlet_class'];
 			$sDashletType = $aParams['attr_dashlet_type'];
-			$sDashletId = $aParams['attr_dashlet_id'];
+			$sDashletId = utils::HtmlEntities($aParams['attr_dashlet_id']);
 			$aUpdatedProperties = $aParams['updated']; // Code of the changed properties as an array: 'attr_xxx', 'attr_xxy', etc...
 			$aPreviousValues = $aParams['previous_values']; // hash array: 'attr_xxx' => 'old_value'
 			if (is_subclass_of($sDashletClass, 'Dashlet'))