diff --git a/htdocs/core/lib/security.lib.php b/htdocs/core/lib/security.lib.php
index ccdfa261fc8..44d6f5c739b 100644
--- a/htdocs/core/lib/security.lib.php
+++ b/htdocs/core/lib/security.lib.php
@@ -289,7 +289,7 @@ function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $f
 	}
 
 	if ($dbt_select != 'rowid' && $dbt_select != 'id') {
-		$objectid = "'".$objectid."'";
+		$objectid = "'".$db->escape($objectid)."'";
 	}
 
 	// Features/modules to check