diff --git a/cake/libs/view/helpers/form.php b/cake/libs/view/helpers/form.php
index f29103eb5..9669fd2d9 100644
--- a/cake/libs/view/helpers/form.php
+++ b/cake/libs/view/helpers/form.php
@@ -373,7 +373,7 @@ class FormHelper extends AppHelper {
 				}
 				
 				if($showParents || (!in_array($title, $parents))) {
-					$select[] = sprintf($this->tags['selectoption'], $name, $this->Html->parseHtmlOptions($htmlOptions), $title);
+					$select[] = sprintf($this->tags['selectoption'], $name, $this->Html->parseHtmlOptions($htmlOptions), h($title));
 				}
 			}
 		}
diff --git a/cake/libs/view/helpers/html.php b/cake/libs/view/helpers/html.php
index 3b18afefa..b254a334a 100644
--- a/cake/libs/view/helpers/html.php
+++ b/cake/libs/view/helpers/html.php
@@ -588,7 +588,7 @@ class HtmlHelper extends AppHelper {
 				$optionsHere['selected'] = 'selected';
 			}
 
-			$select[] = sprintf($this->tags['selectoption'], $name, $this->parseHtmlOptions($optionsHere), $title);
+			$select[] = sprintf($this->tags['selectoption'], $name, $this->parseHtmlOptions($optionsHere), h($title));
 		}
 
 		$select[] = sprintf($this->tags['selectend']);