diff --git a/logviewer/index.cgi b/logviewer/index.cgi
index 71a1305b2..f121f3689 100755
--- a/logviewer/index.cgi
+++ b/logviewer/index.cgi
@@ -102,7 +102,7 @@ if ($config{'others'} && $access{'others'}) {
 # Display extra log files
 foreach $e (&extra_log_files()) {
 	local @cols;
-	push(@cols, &text('index_file', $e->{'file'}));
+	push(@cols, &text('index_file', &html_escape($e->{'file'})));
 	push(@cols, $e->{'desc'});
 	push(@cols, &ui_link("view_log.cgi?extra=$e->{'file'}&view=1", $text{'index_view'}) );
 	push(@col3, \@cols);
diff --git a/syslog/index.cgi b/syslog/index.cgi
index de6837e92..37d208eb4 100755
--- a/syslog/index.cgi
+++ b/syslog/index.cgi
@@ -115,10 +115,10 @@ if (@others) {
 		next if (!&can_edit_log($o));
 		local @cols;
 		if ($o->{'file'}) {
-			push(@cols, &text('index_file',$o->{'file'}));
+			push(@cols, &text('index_file', "<tt>".&html_escape($o->{'file'})."</tt>"));
 			}
 		else {
-			push(@cols, &text('index_cmd', "<tt>".$o->{'cmd'}."</tt>"));
+			push(@cols, &text('index_cmd', "<tt>".&html_escape($o->{'cmd'})."</tt>"));
 			}
 		if ($config{'tags'}) {
 			push(@cols, "");
@@ -136,7 +136,7 @@ if (@others) {
 foreach $e (&extra_log_files()) {
 	next if (!&can_edit_log($e));
 	local @cols;
-	push(@cols, &text('index_file', $e->{'file'}));
+	push(@cols, &text('index_file', "<tt>".&html_escape($e->{'file'})."</tt>"));
 	if ($config{'tags'}) {
 		push(@cols, "");
 		}