diff --git a/htdocs/mrp/ajax/interface.php b/htdocs/mrp/ajax/interface.php
index 32c8a142a45..271b34e5b13 100644
--- a/htdocs/mrp/ajax/interface.php
+++ b/htdocs/mrp/ajax/interface.php
@@ -61,7 +61,7 @@ if ($action == 'updateselectbatchbywarehouse' && $permissiontoproduce) {
 $sql .= " JOIN " . MAIN_DB_PREFIX . "product_stock as ps on ps.rowid = pb.fk_product_stock";
 $sql .= " JOIN " . MAIN_DB_PREFIX . "entrepot as e on e.rowid = ps.fk_entrepot AND e.entity IN (" . getEntity('stock') . ")";
 $sql .= " WHERE ps.fk_product = " .((int) $fk_product);
- if ($batch) $sql.= " AND pb.batch = '" . $batch . "'";
+ if ($batch) $sql.= " AND pb.batch = '" . $db->escape($batch) . "'";
 $sql .= " ORDER BY e.ref, pb.batch";
 $resql = $db->query($sql);
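Review bot: The guard on the changed line is still a truthiness test, so a batch value of the string "0" is treated as empty and the `pb.batch` filter is silently dropped, returning every batch for the product; `if ((string) $batch !== '') $sql .= " AND pb.batch = '" . $db->escape($batch) . "'";` would keep the filter for that value. The escaping itself is only safe because the value stays inside the single-quoted literal, which deserves a short comment on that line such as `// $batch is request-supplied: escape it and keep it inside the quoted literal`. Where `$batch` is assigned is outside this hunk, so I am assuming it is a string taken from the request; the enclosing `if ($action == 'updateselectbatchbywarehouse' ...)` block starts and ends outside the hunk, and any other query in it that concatenates the same variable should get the same treatment.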