diff --git a/phpBB/privmsg.php b/phpBB/privmsg.php
index f310d8253a..e69e8ab716 100644
--- a/phpBB/privmsg.php
+++ b/phpBB/privmsg.php
@@ -1187,7 +1187,7 @@ else if ( $submit || $refresh || $mode != '' )
$error_msg .= ( ( !empty($error_msg) ) ? '
' : '' ) . $lang['No_to_user'];
}
- $privmsg_subject = trim(strip_tags($HTTP_POST_VARS['subject']));
+ $privmsg_subject = trim(htmlspecialchars($HTTP_POST_VARS['subject']));
if ( empty($privmsg_subject) )
{
$error = TRUE;
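Review bot: The new `htmlspecialchars()` call on the `$privmsg_subject` line passes no quote flag, and on the PHP versions this `$HTTP_POST_VARS` code targets the default encodes double quotes only, so a single quote in the subject is stored as-is and would still break out of any single-quoted attribute it is later rendered into. Passing the flag explicitly, `$privmsg_subject = trim(htmlspecialchars($HTTP_POST_VARS['subject'], ENT_QUOTES));`, closes that gap, and the same applies to the subject line in the second hunk (`@@ -1374`). Encoding instead of stripping also makes the stored value longer than what was typed (`&` becomes `&amp;`), so any subject-length check or column limit applied downstream should be confirmed to operate on the encoded string. Unlike the second hunk, this line does not run `stripslashes()` before encoding; presumably this path's input is already unescaped upstream, but that is worth confirming. The enclosing `else if` block starts and ends outside the hunk.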
@@ -1374,7 +1374,7 @@ else if ( $submit || $refresh || $mode != '' )
//
$to_username = (isset($HTTP_POST_VARS['username']) ) ? trim(htmlspecialchars(stripslashes($HTTP_POST_VARS['username']))) : '';
- $privmsg_subject = ( isset($HTTP_POST_VARS['subject']) ) ? trim(strip_tags(stripslashes($HTTP_POST_VARS['subject']))) : '';
+ $privmsg_subject = ( isset($HTTP_POST_VARS['subject']) ) ? trim(htmlspecialchars(stripslashes($HTTP_POST_VARS['subject']))) : '';
$privmsg_message = ( isset($HTTP_POST_VARS['message']) ) ? trim($HTTP_POST_VARS['message']) : '';
$privmsg_message = preg_replace('#