diff --git a/lib/exe/ajax.php b/lib/exe/ajax.php
index b3e9a618f5..9f9db5391a 100644
--- a/lib/exe/ajax.php
+++ b/lib/exe/ajax.php
@@ -15,9 +15,9 @@
 //call the requested function
 if($INPUT->post->has('call')){
- $call = $INPUT->post->str('call');
+ $call = $INPUT->post->filter('utf8_stripspecials')->str('call');
 }else if($INPUT->get->has('call')){
- $call = $INPUT->get->str('call');
+ $call = $INPUT->get->filter('utf8_stripspecials')->str('call');
 }else{
 exit;
 }
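Review bot: Both new assignments to `$call` sanitise by stripping characters, so a request whose `call` contains special characters is silently rewritten to a different name instead of being rejected. What survives depends on the character list inside `utf8_stripspecials`, which is not visible here. If `$call` is a handler name, as the comment above the chain suggests, an allow-list check after the if/else would be tighter and easier to audit, e.g. `if(!preg_match('/^[A-Za-z0-9_]+$/', $call)) exit;`, with the character class adjusted to the names actually registered. The code that consumes `$call` lies outside this hunk; wherever the value is echoed back in a response it should still be escaped for that output context rather than relying on this input filter.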