diff --git a/system/core/Exceptions.php b/system/core/Exceptions.php
index b1bc2dec5a3..f7dcd9820b1 100644
--- a/system/core/Exceptions.php
+++ b/system/core/Exceptions.php
@@ -171,6 +171,17 @@ public function show_error($heading, $message, $template = 'error_general', $sta
 		else
 		{
 			set_status_header($status_code);
+			if (is_array($message))
+			{
+				foreach ($message as &$value)
+				{
+				   $value = htmlspecialchars($value);
+				}
+			}
+			else
+			{
+				$message = htmlspecialchars($message);
+			}
 			$message = '<p>'.(is_array($message) ? implode('</p><p>', $message) : $message).'</p>';
 			$template = 'html'.DIRECTORY_SEPARATOR.$template;
 		}