diff --git a/docs/NEWS b/docs/NEWS
index 2649e7b2..8c9379d2 100644
--- a/docs/NEWS
+++ b/docs/NEWS
@@ -73,7 +73,7 @@ Version 1.6.1 ()
 ------------------------------------------------------------------------
 * Improved escaping of backend plugin management for DB query
- (Stefan Schurtz)
+ and media selector output (Stefan Schurtz)
 * Updated spamblock plugin to 1.78 & 1.79 changed wordfilter to function to check with 'verify_once'
diff --git a/serendipity_admin_image_selector.php b/serendipity_admin_image_selector.php
index 14b81d09..2d8771e3 100644
--- a/serendipity_admin_image_selector.php
+++ b/serendipity_admin_image_selector.php
@@ -293,7 +293,7 @@ switch ($serendipity['GET']['step']) {
 isset($serendipity['GET']['page']) ? $serendipity['GET']['page'] : 1,
 $serendipity['thumbPerPage2'],
 ($serendipity['showMediaToolbar'] ? true : false),
- '?serendipity[step]=1' . $add_url . '&serendipity[textarea]='. $serendipity['GET']['textarea'],
+ '?serendipity[step]=1' . $add_url . '&serendipity[textarea]='. htmlspecialchars($serendipity['GET']['textarea']),
 true,
 null,
 false
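Review bot: The new `htmlspecialchars($serendipity['GET']['textarea'])` call in the URL argument relies on the default flags, which on older PHP versions leave single quotes unescaped, and it HTML-escapes a value that is being placed in a query string without URL-encoding it first. If this URL is later emitted inside a single-quoted attribute or a script context, the request-supplied textarea value may still not be neutralised, and characters such as `&` or `#` in it would change how the query string is parsed. Consider `htmlspecialchars(rawurlencode($serendipity['GET']['textarea']), ENT_QUOTES)`, or URL-encode here and HTML-escape once at the point of output. `$add_url` is concatenated into the same string unescaped; its construction is outside this hunk and should be checked for the same request-derived values. The enclosing call begins and ends outside the hunk, so the final output context is inferred rather than visible.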