diff --git a/modules/authX509/templates/X509error.php b/modules/authX509/templates/X509error.php
index cded8b86443cdf119d511c4b5b58803f7e33db70..00168ba012eeb07d385d774b1f921c1a2755b74d 100644
--- a/modules/authX509/templates/X509error.php
+++ b/modules/authX509/templates/X509error.php
@@ -21,7 +21,7 @@ if ($this->data['errorcode'] !== NULL) {
 
 	<p><?php echo $this->t('{authX509:X509error:certificate_text}'); ?></p>
 
-	<a href="<?php echo SimpleSAML_Utilities::selfURL(); ?>">
+	<a href="<?php echo htmlspecialchars(SimpleSAML_Utilities::selfURL()); ?>">
 		<?php echo $this->t('{login:login_button}'); ?>
 	</a>