diff --git a/CHANGELOG.md b/CHANGELOG.md
index 80e5398d1..67c788d1e 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -27,6 +27,7 @@ Yii Framework 2 Change Log
 - New #20137: Added `yii\caching\CallbackDependency` to allow using a callback to determine if a cache dependency is still valid (laxity7)
 - Enh #20134: Raise minimum `PHP` version to `7.3` (@terabytesoftw)
 - Bug #20141: Update `ezyang/htmlpurifier` dependency to version `4.17` (@terabytesoftw)
+- CVE-2024-32877: Fixed Reflected XSS in Debug mode (Antiphishing)
 - CVE-2024-4990: Fix Unsafe Reflection in base Component class (@mtangoo)
 - Bug #19817: Add MySQL Query `addCheck()` and `dropCheck()` (@bobonov)
 - Bug #20165: Adjust pretty name of closures for PHP 8.4 compatibility (@staabm)
diff --git a/web/ErrorHandler.php b/web/ErrorHandler.php
index 41843099e..2b885a170 100644
--- a/web/ErrorHandler.php
+++ b/web/ErrorHandler.php
@@ -181,7 +181,7 @@ protected function convertExceptionToArray($exception)
 */
 public function htmlEncode($text)
 {
- return htmlspecialchars($text, ENT_NOQUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
+ return htmlspecialchars($text, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
 }
 /**
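Review bot: The switch to `ENT_QUOTES` in `htmlEncode()` comes with no regression test in this diff, so a later change to the flag set could silently bring back the attribute-context XSS recorded as CVE-2024-32877. An assertion in the ErrorHandler tests along the lines of `$this->assertSame('&quot;&apos;', $handler->htmlEncode('"\''));` would pin the new behaviour. The method's docblock starts above the hunk and is not visible here; it would be worth adding a sentence such as `Both double and single quotes are encoded, so the result may be placed inside quoted HTML attribute values as well as element content.` Callers should still not rely on it for unquoted attributes, inline script or URL contexts, which `htmlspecialchars()` does not cover.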