diff --git a/app/coffee/modules/common/confirm.coffee b/app/coffee/modules/common/confirm.coffee
index b309df4a..be7452cc 100644
--- a/app/coffee/modules/common/confirm.coffee
+++ b/app/coffee/modules/common/confirm.coffee
@@ -95,22 +95,23 @@ class ConfirmService extends taiga.Service
         el = angular.element(lightboxSelector)
 
         # Render content
-        el.find(".title").html(title)
-        el.find(".subtitle").html(subtitle)
+        el.find(".title").text(title)
+        el.find(".subtitle").text(subtitle)
 
         if replacement
-            el.find(".replacement").html(replacement)
+            el.find(".replacement").text(replacement)
         else
             el.find(".replacement").remove()
 
         if warning
-            el.find(".warning").html(warning)
+            el.find(".warning").text(warning)
         else
             el.find(".warning").remove()
 
         choicesField = el.find(".choices")
         choicesField.html('')
         _.each choices, (value, key) ->
+            value = _.escape(value)
             choicesField.append(angular.element("<option value='#{key}'>#{value}</option>"))
 
         # Assign event handlers