diff --git a/inc/common.class.php b/inc/common.class.php
index 9de13e5..83dfde4 100644
--- a/inc/common.class.php
+++ b/inc/common.class.php
@@ -306,8 +306,14 @@ private function addHeader($ID) {
          if (Session::isMultiEntitiesMode() && $this->obj->isEntityAssign()) {
             $entity = ' ('.Dropdown::getDropdownName('glpi_entities', $this->obj->getEntityID()).')';
          }
-         $this->pdf->setHeader(sprintf(__('%1$s - %2$s'), $this->obj->getTypeName(),
-                                       sprintf(__('%1$s %2$s'), $name, $entity)));
+         $header = Toolbox::unclean_cross_side_scripting_deep(
+            sprintf(
+               __('%1$s - %2$s'),
+               $this->obj->getTypeName(),
+               sprintf(__('%1$s %2$s'), $name, $entity)
+            )
+         );
+         $this->pdf->setHeader($header);
 
          return true;
       }