diff --git a/admin/pages/changelog.php b/admin/pages/changelog.php
index 414a38e1..0e376be2 100644
--- a/admin/pages/changelog.php
+++ b/admin/pages/changelog.php
@@ -112,7 +112,7 @@ if($action == 'edit' || $action == 'new') {
'action' => $action,
'cl_link_form' => constant('ADMIN_URL').'?p=changelog&action=' . ($action == 'edit' ? 'edit' : 'add'),
'cl_id' => $id ?? null,
- 'body' => isset($body) ? htmlentities($body, ENT_COMPAT, 'UTF-8') : '',
+ 'body' => isset($body) ? escapeHtml($body) : '',
'create_date' => $create_date ?? '',
'player_id' => $player_id ?? null,
'account_players' => $account_players,
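Review bot: The `'body'` entry is still escaped in PHP before it reaches the Twig template, while neighbouring values (for example `'title'` in the admin/pages/news.php and admin/pages/pages.php hunks) are passed through unescaped, so where escaping happens is split between the call site and the template. The templates are not visible here, but if Twig autoescaping is on and they print `body` without `|raw`, the text is encoded twice. If they do use `|raw`, the output is only safe as long as every caller remembers to call `escapeHtml()`. I would record the contract next to the value, e.g. `// pre-escaped for the editor textarea; the template must print this with |raw`. Alternatively, pass `$body` unmodified and let the template escape it. The same applies to the `'body'` lines in the news.php and pages.php hunks, and the array literal begins and ends outside this hunk.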
diff --git a/admin/pages/menus.php b/admin/pages/menus.php
index e6b033ea..20045528 100644
--- a/admin/pages/menus.php
+++ b/admin/pages/menus.php
@@ -93,7 +93,7 @@ if (isset($_REQUEST['template'])) {
if (isset($menus[$id])) {
foreach ($menus[$id] as $i => $menu):
?>
-
+
diff --git a/admin/pages/news.php b/admin/pages/news.php
index 46f30c85..620da469 100644
--- a/admin/pages/news.php
+++ b/admin/pages/news.php
@@ -118,7 +118,7 @@ if($action == 'edit' || $action == 'new') {
'news_link_form' => '?p=news&action=' . ($action == 'edit' ? 'edit' : 'add'),
'news_id' => isset($id) ? $id : null,
'title' => isset($p_title) ? $p_title : '',
- 'body' => isset($body) ? htmlentities($body, ENT_COMPAT, 'UTF-8') : '',
+ 'body' => isset($body) ? escapeHtml($body) : '',
'type' => isset($type) ? $type : null,
'player' => isset($player) && $player->isLoaded() ? $player : null,
'player_id' => isset($player_id) ? $player_id : null,
diff --git a/admin/pages/pages.php b/admin/pages/pages.php
index d6f1f0ab..0647c7fd 100644
--- a/admin/pages/pages.php
+++ b/admin/pages/pages.php
@@ -106,7 +106,7 @@ $twig->display('admin.pages.form.html.twig', array(
'title' => $p_title,
'php' => $php,
'enable_tinymce' => $enable_tinymce,
- 'body' => isset($body) ? htmlentities($body, ENT_COMPAT, 'UTF-8') : '',
+ 'body' => isset($body) ? escapeHtml($body) : '',
'groups' => $groups->getGroups(),
'access' => $access
));
diff --git a/system/functions.php b/system/functions.php
index 7dbf59ee..c2700076 100644
--- a/system/functions.php
+++ b/system/functions.php
@@ -1537,6 +1537,10 @@ function removeIfFirstSlash(&$text) {
}
};
+function escapeHtml($html) {
+ return htmlentities($html, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
+}
+
// validator functions
require_once LIBS . 'validator.php';
require_once SYSTEM . 'compat/base.php';
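Review bot: `escapeHtml()` is added without a doc comment, so nothing tells callers which output context it is safe for. `ENT_QUOTES | ENT_SUBSTITUTE` covers HTML text and quoted attribute values, but not unquoted attributes, inline script or style, or URLs. I would add `/** Escapes a string for HTML text or a quoted attribute value; not suitable for script, style or URL contexts. */` above the function. The parameter is also untyped; if the supported PHP versions allow it, `function escapeHtml(string $html): string` would make a non-string argument fail at the call rather than inside `htmlentities()`.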