diff --git a/libraries/display_export.lib.php b/libraries/display_export.lib.php
index ad07a404b..e3b533613 100644
--- a/libraries/display_export.lib.php
+++ b/libraries/display_export.lib.php
@@ -173,19 +173,19 @@ echo PMA_pluginGetJavascript($export_list);
 echo ' value="';
 if ($export_type == 'database') {
 if (isset($_COOKIE) && !empty($_COOKIE['pma_db_filename_template'])) {
- echo $_COOKIE['pma_db_filename_template'];
+ echo htmlspecialchars($_COOKIE['pma_db_filename_template']);
 } else {
 echo $GLOBALS['cfg']['Export']['file_template_database'];
 }
 } elseif ($export_type == 'table') {
 if (isset($_COOKIE) && !empty($_COOKIE['pma_table_filename_template'])) {
- echo $_COOKIE['pma_table_filename_template'];
+ echo htmlspecialchars($_COOKIE['pma_table_filename_template']);
 } else {
 echo $GLOBALS['cfg']['Export']['file_template_table'];
 }
 } else {
 if (isset($_COOKIE) && !empty($_COOKIE['pma_server_filename_template'])) {
- echo $_COOKIE['pma_server_filename_template'];
+ echo htmlspecialchars($_COOKIE['pma_server_filename_template']);
 } else {
 echo $GLOBALS['cfg']['Export']['file_template_server'];
 }
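Review bot: The three `else` fallbacks still echo the `file_template_database`, `file_template_table` and `file_template_server` settings unencoded into the same double-quoted `value="` attribute that the cookie branches now encode, so a template containing `"` or `<` would still corrupt the markup. Encoding belongs at the output point regardless of where the value came from: `echo htmlspecialchars($GLOBALS['cfg']['Export']['file_template_database']);`, and likewise for the table and server fallbacks. Whether these settings can be influenced by anything other than the administrator's configuration is not visible here, so treat this as defence in depth and as protection against a legitimately configured template that happens to contain a quote. The attribute write begins on the context line `echo ' value="';` and its closing quote lies outside the hunk.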