diff --git a/adminer/include/adminer.inc.php b/adminer/include/adminer.inc.php
index 0445d8a5..c0d1eb44 100644
--- a/adminer/include/adminer.inc.php
+++ b/adminer/include/adminer.inc.php
@@ -196,7 +196,7 @@ username.form['auth[driver]'].onchange();
if (ereg('blob|bytea|raw|file', $field["type"]) && !is_utf8($val)) {
$return = lang('%d byte(s)', strlen($val));
}
- return ($link ? "$return" : $return);
+ return ($link ? "$return" : $return);
}
/** Value conversion used in select and edit
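Review bot: The changed `return` line reads the same on both sides here (the markup inside the string literal appears to have been stripped from this page), so the escaping of `$link` cannot be confirmed from this hunk. If the link is interpolated into an `href` attribute, it should be escaped on that line, e.g. `h($link)` concatenated into the string. The matching hunk in `editor/include/adminer.inc.php` instead reassigns `$link = h($link);` at the top of `selectVal`, which leaves an already-escaped value in the variable for the rest of that function and invites double-escaping later; escaping once at the output line in both files would keep the two copies consistent. HTML escaping also does not constrain the URL scheme, so if `$link` can originate from stored data, a comment or check stating which schemes callers may pass would be worth adding. The function's signature and the start of its body are outside this hunk.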
diff --git a/editor/include/adminer.inc.php b/editor/include/adminer.inc.php
index 7c29e5e5..8fad7143 100644
--- a/editor/include/adminer.inc.php
+++ b/editor/include/adminer.inc.php
@@ -164,6 +164,7 @@ ORDER BY ORDINAL_POSITION", null, "") as $row) { //! requires MySQL 5
function selectVal($val, $link, $field) {
$return = ($val === null ? " " : $val);
+ $link = h($link);
if (ereg('blob|bytea', $field["type"]) && !is_utf8($val)) {
$return = lang('%d byte(s)', strlen($val));
if (ereg("^(GIF|\xFF\xD8\xFF|\x89PNG\x0D\x0A\x1A\x0A)", $val)) { // GIF|JPG|PNG, getimagetype() works with filename