diff --git a/htdocs/usergroup.class.php b/htdocs/usergroup.class.php
index a0ca3d285fc..41e57f1f6fc 100644
--- a/htdocs/usergroup.class.php
+++ b/htdocs/usergroup.class.php
@@ -410,8 +410,8 @@ class UserGroup
   function update()
     {
         $sql = "UPDATE ".MAIN_DB_PREFIX."usergroup SET ";
-        $sql .= " nom = '$this->nom',";
-        $sql .= " note = '$this->note'";
+        $sql .= " nom = '".addslashes($this->nom)."',";
+        $sql .= " note = '".addslashes($this->note)."'";
         $sql .= " WHERE rowid = ".$this->id;
 
         $result = $this->db->query($sql);