diff --git a/src/main/java/org/cysecurity/cspf/jvl/controller/AddPage.java b/src/main/java/org/cysecurity/cspf/jvl/controller/AddPage.java
index 343701b3..8d8fe24e 100644
--- a/src/main/java/org/cysecurity/cspf/jvl/controller/AddPage.java
+++ b/src/main/java/org/cysecurity/cspf/jvl/controller/AddPage.java
@@ -15,6 +15,7 @@
 import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import com.coverity.security.Escape;
 /**
 *
@@ -52,7 +53,8 @@ protected void processRequest(HttpServletRequest request, HttpServletResponse re
 BufferedWriter bw=new BufferedWriter(new FileWriter(f.getAbsoluteFile()));
 bw.write(content);
 bw.close();
- out.print("Successfully created the file: "+fileName+"");
+ String escaped = Escape.html(fileName)
+ out.print("Successfully created the file: "+escaped+"");
 }
 else
 {
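Review bot: The added line `String escaped = Escape.html(fileName)` in the second hunk has no terminating semicolon, so AddPage.java will not compile as committed; it should read `String escaped = Escape.html(fileName);`. The escaping covers only the HTML response: `content` is still written through `FileWriter` to the path held by `f` with no validation visible here, and if `fileName` and `content` come from request parameters (their origin is outside this hunk), the resolved path should be normalised and checked against the intended base directory before the write. The writer would also be better opened in try-with-resources so it is closed when `bw.write(content)` throws. processRequest starts and ends outside the hunk.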