diff --git a/modules/oauth/templates/authorized.php b/modules/oauth/templates/authorized.php
index 4eb99a9ae9f5a503f9fe827f5bbd835a3304fa91..264751a0de349ff98afc01c46d153730e3c2b556 100644
--- a/modules/oauth/templates/authorized.php
+++ b/modules/oauth/templates/authorized.php
@@ -8,9 +8,9 @@ $this->includeAtTemplateBase('includes/header.php');
     <p style="margin-top: 2em">
        You are now successfully authenticated, and you may click <em>Continue</em> in the application where you initiated authentication.
     </p>
-<?php if ($this->data['oauth_verifier']) {?>
+<?php if (!empty($this->data['oauth_verifier'])) {?>
 	<p>
-		When asked, the verifier code to finish the procedure, is: <b><?php echo $this->data['oauth_verifier'];?></b>.
+		When asked, the verifier code to finish the procedure, is: <b><?php echo htmlspecialchars($this->data['oauth_verifier']);?></b>.
 	</p>
 <?php } ?>       
 
diff --git a/modules/oauth/templates/consent.php b/modules/oauth/templates/consent.php
index f02333151a52f2851ffe8524cc47d0d7d1b58e44..c82af245d8713c727df1d064ba8b9e8b1635e794 100644
--- a/modules/oauth/templates/consent.php
+++ b/modules/oauth/templates/consent.php
@@ -6,10 +6,10 @@ $this->includeAtTemplateBase('includes/header.php');
 ?>
 
     <p style="margin-top: 2em">
-       Do you agree to let the application at <b><?php echo $this->data['consumer']['name']?></b> use Foodle on your behalf? 
+       Do you agree to let the application at <b><?php echo htmlspecialchars($this->data['consumer']['name'])?></b> use Foodle on your behalf? 
     </p>
     <p>
-      <a href="<?php echo $this->data['urlAgree']; ?>">Yes I agree</a> |
+      <a href="<?php echo htmlspecialchars($this->data['urlAgree']); ?>">Yes I agree</a> |
       <a href="javascript:alert('Please close this browser.');">No, cancel the request.</a>
     </p>