diff --git a/man/view_man.cgi b/man/view_man.cgi
index b6150f5ac..e0f101ad7 100755
--- a/man/view_man.cgi
+++ b/man/view_man.cgi
@@ -43,8 +43,8 @@ SECT: foreach $sec (@sects) {
 		}
 	}
 if (!$found) {
-	print "<p><b>",&text('man_noentry', "<tt>$in{'page'}</tt>"),
-	      "</b><p>\n";
+	print "<p><b>",&text('man_noentry',
+		     "<tt>".&html_escape($in{'page'})."</tt>"),"</b><p>\n";
 	}
 else {
 	if (&has_command($config{'man2html_path'})) {
@@ -86,13 +86,19 @@ else {
 			$out =~ s/<A HREF="file:[^"]+">([^<]+)<\/a>/$1/ig;
 			$out =~ s/<A HREF="view_man.cgi">/<A HREF=\"\">/i;
 			}
-		&show_view_table(&text('man_header', $in{'page'}, $in{'sec'}),
-				 $out);
+		&show_view_table(
+			&text('man_header',
+			      &html_escape($in{'page'}),
+			      &html_escape($in{'sec'})),
+			$out);
 	} else {
 		$out =~ s/.\010//g;
 		$out =~ s/^(man:\s*)?(re)?formatting.*//i;
-		&show_view_table(&text('man_header', $in{'page'}, $in{'sec'}),
-				 "<pre>".&html_escape($out)."</pre>");
+		&show_view_table(
+			&text('man_header',
+			      &html_escape($in{'page'}),
+			      &html_escape($in{'sec'})),
+			"<pre>".&html_escape($out)."</pre>");
 		}
 	}