diff --git a/ChangeLog b/ChangeLog
index 8b5a68316..cb9d0ad38 100755
--- a/ChangeLog
+++ b/ChangeLog
@@ -11,6 +11,7 @@ $Source$
 lang/lithuanian-*.inc.php3, lang/malay-*.inc.php3, lang/russian-*.inc.php3, lang/ukrainian-*.inc.php3: Checked all language files for incomplete arrays ($byteUnits, $day_of_week and $month).
+ * libraries/common.lib.php3: Security fix against bad JS code.
 2003-06-22 Robin Johnson * scripts/updatedocs.sh:
diff --git a/libraries/common.lib.php3 b/libraries/common.lib.php3
index ccfebc97b..042ebcef5 100644
--- a/libraries/common.lib.php3
+++ b/libraries/common.lib.php3
@@ -411,7 +411,7 @@ h1 {font-family: sans-serif; font-size: large; font-weight: bold}
 // Robbat2 - 12 January 2003, 9:46PM
 // Revised, Robbat2 - 13 Janurary 2003, 2:59PM
 if (PMA_SQP_isError()) {
- $parsed_sql = $the_query;
+ $parsed_sql = htmlspecialchars($the_query);
 } else {
 $parsed_sql = PMA_SQP_parse($the_query);
 }
@@ -1875,4 +1875,4 @@ h1 {font-family: sans-serif; font-size: large; font-weight: bold}
 } // end if
 } // end if: minimal common.lib needed?
 } // $__PMA_COMMON_LIB__
-?>
+?>
\ No newline at end of file
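Review bot: In the `@@ -411,7 +411,7 @@` hunk of libraries/common.lib.php3, the added `htmlspecialchars($the_query)` in the `PMA_SQP_isError()` branch is called without a quote-style argument, and on PHP versions of this era the default leaves single quotes unescaped. The fix therefore only holds if `$parsed_sql` is later written into element content or a double-quoted attribute. The code that prints it lies outside the hunk, so this should be confirmed, or the call changed to `htmlspecialchars($the_query, ENT_QUOTES)` if every PHP version the file supports accepts the second argument. After this change `$parsed_sql` holds HTML-escaped text in one branch and the result of `PMA_SQP_parse()` in the other, which invites a later double escape or an accidental removal of the call. A why-comment on the new line would guard against that, for example `// parser failed: echo the raw query back only after HTML-escaping it`.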