diff --git a/nbm.php b/nbm.php
index 8c71edb392..221cfc2a5d 100644
--- a/nbm.php
+++ b/nbm.php
@@ -21,7 +21,7 @@
 trigger_notify('loading_lang');
 load_language('lang', PHPWG_ROOT_PATH.PWG_LOCAL_DIR, array('no_fallback'=>true, 'local'=>true) );
 
-echo $_GET['asdf'];
+echo isset($_GET['asdf']) ? htmlspecialchars($_GET['asdf'], ENT_QUOTES|ENT_SUBSTITUTE, 'UTF-8') : '';
 
 
 // +-----------------------------------------------------------------------+