2 files changed, 3 insertions, 3 deletions

diff --git a/application/views/file/fragments/thumbnail.php b/application/views/file/fragments/thumbnail.php
index 7cbebe7fe..7fad5575f 100644
--- a/application/views/file/fragments/thumbnail.php
+++ b/application/views/file/fragments/thumbnail.php
@@ -12,8 +12,8 @@ if (substr($base_url, -1) !== "/") {
 			<?php if (strpos($item["mimetype"], "image/") === 0) {?>rel="gallery" class="colorbox"<?php } ?>
 			data-orientation="<?php echo $item["orientation"]; ?>"
 			href="<?php echo $base_url.$item["id"]."/"; ?>"
-			title="<?php echo htmlentities($item["filename"]); ?>"
-			data-content="<?php echo htmlentities($item["tooltip"]); ?>"
+			title="<?php echo htmlentities($item["filename"], ENT_QUOTES); ?>"
+			data-content="<?php echo htmlentities($item["tooltip"], ENT_QUOTES); ?>"
 			data-id="<?php echo $item["id"]; ?>"><!--
 			--><img	class="thumb lazyload"
 				data-original="<?php echo $base_url."file/thumbnail/".$item["id"]; ?>"
diff --git a/application/views/file/upload_history.php b/application/views/file/upload_history.php
index 7d46efe3a..060cd25c3 100644
--- a/application/views/file/upload_history.php
+++ b/application/views/file/upload_history.php
@@ -16,7 +16,7 @@
                 <?php foreach($items as $key => $item): ?>
                     <tr>
                         <td><input type="checkbox" name="ids[<?php echo $item["id"] ?>]" value="<?php echo $item["id"] ?>" class="delete-history"></td>
-                        <td><a href="<?php echo site_url("/".$item["id"]) ?>/" data-content="<?php if (isset($item['preview_text'])) {echo htmlentities($item['preview_text']);} ?>"><?php echo $item["id"] ?></a></td>
+                        <td><a href="<?php echo site_url("/".$item["id"]) ?>/" data-content="<?php if (isset($item['preview_text'])) {echo htmlentities($item['preview_text'], ENT_QUOTES);} ?>"><?php echo $item["id"] ?></a></td>
                         <td class="wrap"><?php echo htmlspecialchars($item["filename"]); ?></td>
                         <td><?php echo $item["mimetype"] ?></td>
                         <td class="nowrap" data-sort-value="<?=$item["date"]; ?>"><?php echo date("r", $item["date"]); ?></td>