diff --git a/src/admin/models/activities.php b/src/admin/models/activities.php
index 9622992..63145c1 100755
--- a/src/admin/models/activities.php
+++ b/src/admin/models/activities.php
@@ -43,6 +43,7 @@ public function __construct($config = array())
 );
 }
+ $this->filter = JFilterInput::getInstance();
 parent::__construct($config);
 }
@@ -140,6 +141,12 @@ public function getItems()
 {
 foreach ($items as $k => $item)
 {
+ // Avoid XSS attack
+ if ($item->formatted_text)
+ {
+ $item->formatted_text = $this->filter->clean($item->formatted_text);
+ }
+ // Get date in local time zone
 $item->created_date = JHtml::date($item->created_date, 'Y-m-d h:i:s');
 $item->updated_date = JHtml::date($item->updated_date, 'Y-m-d h:i:s');
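Review bot: `$this->filter` is assigned in the constructor, but this commit adds no property declaration for it, so unless a parent class already declares `filter` it is created as a dynamic property. Declaring it on the class, e.g. `protected $filter;` with a short docblock naming it as the `JFilterInput` instance used to clean activity text, documents the dependency and avoids the dynamic-property deprecation in PHP 8.2. The class body and the start of the constructor lie outside the hunk, so an existing declaration cannot be ruled out from here.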
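Review bot: The sanitising added inside the `foreach` of `getItems()` covers only this admin model's read path, so `formatted_text` stays unfiltered in storage and any other code that reads it (not visible in this diff) still receives the raw value. A `JFilterInput::getInstance()` created without arguments permits no tags by default, so `clean()` returns text with the markup stripped rather than HTML-encoded text; the template that prints the field should still escape it for its output context, e.g. `echo $this->escape($item->formatted_text);`, particularly if the value is ever placed inside an attribute. If the field is meant to keep some formatting, that needs an explicit tag allow-list on the filter rather than the default instance. Passing the type explicitly, `$this->filter->clean($item->formatted_text, 'string')`, and extending the comment to state that all tags are removed would make the intent clear; the loop and `getItems()` continue outside the hunk.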