diff --git a/js/db_structure.js b/js/db_structure.js
index 4affd75bd..5938ae40c 100644
--- a/js/db_structure.js
+++ b/js/db_structure.js
@@ -75,7 +75,7 @@ $(document).ready(function() {
         /**
          * @var question    String containing the question to be asked for confirmation
          */
-        var question = 'TRUNCATE ' + curr_table_name;
+        var question = 'TRUNCATE ' + escapeHtml(curr_table_name);
 
         $this_anchor.PMA_confirm(question, $this_anchor.attr('href'), function(url) {
 
@@ -125,7 +125,7 @@ $(document).ready(function() {
         /**
          * @var question    String containing the question to be asked for confirmation
          */
-        var question = 'DROP TABLE ' + curr_table_name;
+        var question = 'DROP TABLE ' + escapeHtml(curr_table_name);
 
         $this_anchor.PMA_confirm(question, $this_anchor.attr('href'), function(url) {