diff --git a/classes/controller/AdminController.php b/classes/controller/AdminController.php
index 409b17273..b4e61d1ce 100644
--- a/classes/controller/AdminController.php
+++ b/classes/controller/AdminController.php
@@ -387,7 +387,7 @@ class AdminControllerCore extends Controller
 $filter = '';
 foreach ($this->fields_list AS $field => $t)
 {
-if ($val = htmlspecialchars(Tools::getValue($this->table.'Filter_'.$field), ENT_QUOTES, 'UTF-8'))
+if ($val = Tools::getValue($this->table.'Filter_'.$field))
 {
 if(!is_array($val) && !empty($val))
 $filter .= ($filter ? ', ' : $this->l(' filter by ')).$t['title'].' : ';
@@ -395,13 +395,13 @@ class AdminControllerCore extends Controller
 if (isset($t['type']) && $t['type'] == 'bool')
 $filter .= ((bool)$val) ? $this->l('yes') : $this->l('no');
 elseif(is_string($val))
-$filter .= $val;
+$filter .= htmlspecialchars($val, ENT_QUOTES, 'UTF-8');
 elseif(is_array($val))
 {
 $tmp = '';
 foreach($val as $v)
 if(is_string($v) && !empty($v))
-$tmp .= ' - '.htmlspecialchars($v, ENT_QUOTES, 'UTF-8');
 if(Tools::strlen($tmp))
 {
 $tmp = ltrim($tmp, ' - ');
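Review bot: After the changed `if`, `$val` holds the raw request value for the rest of the loop body, so every later append of it to `$filter` must escape at the point of output; nothing in this hunk marks that, and the bool/title lines that follow are safe only because they never append `$val` itself. A comment on the new line would make the contract explicit for the next maintainer: `// $val is unescaped request input: htmlspecialchars() it wherever it is appended to $filter`. Note also that the old code passed a possible array straight into htmlspecialchars(), which (presumably, depending on the PHP version) yielded a warning and a null/empty result, so array-valued filters likely never reached the body before; with this change they now do, which is why the array branch in the second hunk needs its own escaping. The enclosing method starts and ends outside this hunk.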
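Review bot: The two new htmlspecialchars() calls use `ENT_QUOTES` only, so a filter value containing an invalid UTF-8 sequence makes htmlspecialchars() return an empty string and the value silently vanishes from the label rather than being displayed; if the project's PHP floor permits it, `ENT_QUOTES | ENT_SUBSTITUTE` substitutes U+FFFD instead, and the flag should be the same at both call sites. Since the same escaping is now written twice, a single local helper (or one `$escape = function ($s) { ... };` closure above the branch) would keep the two sites from drifting apart. Separately, `ltrim($tmp, ' - ')` on the last line treats its argument as a character list, so it also strips a leading hyphen from the first array value (a value such as `-1` would display as `1`), which is worth a look if hyphen-leading filter values can occur. The enclosing method continues past the end of this hunk.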