diff --git a/app/helpers/tags_helper.rb b/app/helpers/tags_helper.rb
index dbcc31c4dd..dee96c8342 100755
--- a/app/helpers/tags_helper.rb
+++ b/app/helpers/tags_helper.rb
@@ -15,7 +15,7 @@ def tags_for_index(model)
       elsif !query.include?(hashtag)
         query += " #{hashtag}"
       end
-      out << link_to_function(tag, "crm.search_tagged('#{query}', '#{model.class.to_s.tableize}')", title: tag)
+      out << link_to_function(tag, "crm.search_tagged('#{escape_javascript(query)}', '#{model.class.to_s.tableize}')", title: tag)
     end
   end