diff --git a/phpBB/admin/admin_groups.php b/phpBB/admin/admin_groups.php
index 2b125e2f2d..1074475afb 100644
--- a/phpBB/admin/admin_groups.php
+++ b/phpBB/admin/admin_groups.php
@@ -250,7 +250,7 @@ else if ( isset($HTTP_POST_VARS['group_update']) )
 	else
 	{
 		$group_type = isset($HTTP_POST_VARS['group_type']) ? intval($HTTP_POST_VARS['group_type']) : GROUP_OPEN;
-		$group_name = isset($HTTP_POST_VARS['group_name']) ? trim($HTTP_POST_VARS['group_name']) : '';
+		$group_name = isset($HTTP_POST_VARS['group_name']) ? htmlspecialchars(trim($HTTP_POST_VARS['group_name'])) : '';
 		$group_description = isset($HTTP_POST_VARS['group_description']) ? trim($HTTP_POST_VARS['group_description']) : '';
 		$group_moderator = isset($HTTP_POST_VARS['username']) ? $HTTP_POST_VARS['username'] : '';
 		$delete_old_moderator = isset($HTTP_POST_VARS['delete_old_moderator']) ? true : false;