1 files changed, 1 insertions, 1 deletions

diff --git a/password.php b/password.php
index fd3717151..845a00a3d 100644
--- a/password.php
+++ b/password.php
@@ -326,7 +326,7 @@ if ('lost' == $page['action'])
 
   if (isset($_POST['username_or_email']))
   {
-    $template->assign('username_or_email', stripslashes(strip_tags($_POST['username_or_email'])));
+    $template->assign('username_or_email', htmlspecialchars(stripslashes($_POST['username_or_email'])));
   }
 }