diff --git a/kallithea/templates/summary/summary.html b/kallithea/templates/summary/summary.html
--- a/kallithea/templates/summary/summary.html
+++ b/kallithea/templates/summary/summary.html
@@ -298,7 +298,7 @@ $(document).ready(function(){
              var title_tmpl = ${h.jshtml(_('Download %s as %s') % ('__CS_NAME__','__CS_EXT__'))};
              title_tmpl= title_tmpl.replace('__CS_NAME__',new_cs.text);
              title_tmpl = title_tmpl.replace('__CS_EXT__',k);
-             title_tmpl = '<i class="icon-file-zip"></i>'+ title_tmpl;
+             title_tmpl = '<i class="icon-file-zip"></i>'+ title_tmpl.html_escape();
              var url = tmpl_links[k].replace('__CS__',new_cs.id);
              var subrepos = $('#archive_subrepos').is(':checked');
              url = url.replace('__SUB__',subrepos);