diff --git a/include/ajax.search.php b/include/ajax.search.php
index e2f3a6babb..0918ec84e3 100644
--- a/include/ajax.search.php
+++ b/include/ajax.search.php
@@ -202,6 +202,7 @@ function saveSearch($id=0) {
     }
 
     function _saveSearch(SavedSearch $search) {
+        $_POST['queue-name'] = Format::htmlchars($_POST['queue-name']);
 
         // Validate the form.
         $form = $search->getForm($_POST);