diff --git a/phpBB/adm/style/admin.js b/phpBB/adm/style/admin.js
index 1ff1b02d74..2ae75db062 100644
--- a/phpBB/adm/style/admin.js
+++ b/phpBB/adm/style/admin.js
@@ -280,7 +280,10 @@ function parse_document(container)
 
 		// Live update BBCode font icon preview
 		$('#bbcode_font_icon').on('keyup', function(e) {
-			$('#bbcode_icon_preview').attr('class', "o-icon o-icon-font fa-fw fas icon fa-" + $(this).val());
+			const iconName = $(this).val();
+			if (iconName.match(/^[\w-]+$/)) {
+				$('#bbcode_icon_preview').attr('class', "o-icon o-icon-font fa-fw fas icon fa-" + $(this).val());
+			}
 		});
 	});
 })(jQuery);
diff --git a/phpBB/includes/acp/acp_bbcodes.php b/phpBB/includes/acp/acp_bbcodes.php
index d9a4ae9822..58d86c940d 100644
--- a/phpBB/includes/acp/acp_bbcodes.php
+++ b/phpBB/includes/acp/acp_bbcodes.php
@@ -238,7 +238,7 @@ class acp_bbcodes
 						trigger_error($user->lang['BBCODE_HELPLINE_TOO_LONG'] . adm_back_link($this->u_action), E_USER_WARNING);
 					}
 
-					if (strlen($bbcode_font_icon) > 64 && preg_match('/^[A-Za-z0-9-]+$/', $bbcode_font_icon))
+					if (strlen($bbcode_font_icon) > 64 && preg_match('/^[\w-]+$/', $bbcode_font_icon))
 					{
 						trigger_error($user->lang['BBCODE_FONT_ICON_TOO_LONG'] . adm_back_link($this->u_action), E_USER_WARNING);
 					}