diff --git a/rss.php b/rss.php
index 6c21d44..3abb4f6 100644
--- a/rss.php
+++ b/rss.php
@@ -62,12 +62,12 @@ foreach ($posts as $post)
 // 'r' ยป RFC 2822 formatted date (Example: Thu, 21 Dec 2000 16:01:07 +0200)
 $date = date ('r', strtotime ($post['created']));
- $item->addChild ('title', $post['title']);
- $item->addChild ('description', $description);
+ $item->addChild ('title', htmlspecialchars ($post['title']));
+ $item->addChild ('description', htmlspecialchars ($description));
 $item->addChild ('link', $link);
 $item->addChild ('freepostLink', $freepost_link);
 $item->addChild ('pubDate', $date);
- $item->addChild ('author', $post['username']);
+ $item->addChild ('author', htmlspecialchars ($post['username']));
 }
 // Output RSS
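Review bot: The two URL children in the middle of the hunk, `link` and `freepostLink`, still pass their values to addChild() unescaped, so a URL containing `&` (any query string with more than one parameter) would hit what appears to be the same entity-parsing problem this commit addresses for title, description and author. If `$link` is user-submitted, which the hunk does not show, it is also attacker-influenced feed content and should get the same treatment, e.g. `$item->addChild ('link', htmlspecialchars ($link, ENT_XML1 | ENT_QUOTES, 'UTF-8'));`. Passing the flags and charset explicitly on all five calls is worth doing, because the defaults of htmlspecialchars() changed in PHP 8.1 and `ENT_XML1` is the document type that matches an RSS feed. The foreach body starts above the hunk, so how `$link`, `$freepost_link` and `$description` are built cannot be checked from here.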