diff --git a/htdocs/core/modules/oauth/stripelive_oauthcallback.php b/htdocs/core/modules/oauth/stripelive_oauthcallback.php
index 71f447098a2..c9bb575a32a 100644
--- a/htdocs/core/modules/oauth/stripelive_oauthcallback.php
+++ b/htdocs/core/modules/oauth/stripelive_oauthcallback.php
@@ -89,7 +89,7 @@ if (GETPOST('state')) {
 // Instantiate the Api service using the credentials, http client and storage mechanism for the token
 //$apiService = $serviceFactory->createService('StripeTest', $credentials, $storage, $requestedpermissionsarray);
-$sql = "INSERT INTO ".MAIN_DB_PREFIX."oauth_token SET service = 'StripeLive".($keyforprovider ? '-'.$keyforprovider : '')."', entity=".$conf->entity;
+$sql = "INSERT INTO ".MAIN_DB_PREFIX."oauth_token SET service = 'StripeLive".$db->escape($keyforprovider ? '-'.$keyforprovider : '')."', entity=".$conf->entity;
 $db->query($sql);
 // access type needed to have oauth provider refreshing token
diff --git a/htdocs/core/modules/oauth/stripetest_oauthcallback.php b/htdocs/core/modules/oauth/stripetest_oauthcallback.php
index e1e2434ea29..c4dd6ad9b5f 100644
--- a/htdocs/core/modules/oauth/stripetest_oauthcallback.php
+++ b/htdocs/core/modules/oauth/stripetest_oauthcallback.php
@@ -89,7 +89,7 @@ if (GETPOST('state')) {
 // Instantiate the Api service using the credentials, http client and storage mechanism for the token
 //$apiService = $serviceFactory->createService('StripeTest', $credentials, $storage, $requestedpermissionsarray);
-$sql = "INSERT INTO ".MAIN_DB_PREFIX."oauth_token SET service = 'StripeTest".($keyforprovider ? '-'.$keyforprovider : '')."', entity=".$conf->entity;
+$sql = "INSERT INTO ".MAIN_DB_PREFIX."oauth_token SET service = 'StripeTest".$db->escape($keyforprovider ? '-'.$keyforprovider : '')."', entity=".$conf->entity;
 $db->query($sql);
 // access type needed to have oauth provider refreshing token
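Review bot: The second concatenated value on the new `$sql` line, `entity=".$conf->entity`, still enters the statement uncast, both here and in the identical hunk for stripetest_oauthcallback.php; since the commit hardens this query, end the line with `entity=".((int) $conf->entity);` so neither operand relies on its source being clean. `$db->escape()` is sufficient only because the value sits inside the single-quoted `service` literal, and a one-line comment such as `// escaped value must stay inside the quoted literal` would stop a later edit from moving it out. The assignment of `$keyforprovider` is outside the hunk; if it is read from the request, restricting it to an expected character set at that point would add a second layer. The result of `$db->query($sql)` on the next context line is not checked, so a failed insert goes unnoticed by the rest of the callback.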