diff --git a/app/assets/javascripts/exercise_collections.js b/app/assets/javascripts/exercise_collections.js
index 786d0443..5c8f4b91 100644
--- a/app/assets/javascripts/exercise_collections.js
+++ b/app/assets/javascripts/exercise_collections.js
@@ -167,7 +167,7 @@ $(document).on('turbolinks:load', function() {
       }
 
       var addExercise = function (id, title) {
-        var exercise = {id: id, title: title}
+        var exercise = {id: _.escape(id), title: _.escape(title)}
         var collectionExercises = collectContainedExercises();
         if (collectionExercises.indexOf(exercise.id) === -1) {
           // only add exercises that are not already contained in the collection
diff --git a/app/assets/javascripts/exercises.js b/app/assets/javascripts/exercises.js
index c3724855..cb3ce863 100644
--- a/app/assets/javascripts/exercises.js
+++ b/app/assets/javascripts/exercises.js
@@ -225,7 +225,7 @@ $(document).on('turbolinks:load', function () {
         $('.remove-tip').on('click', removeTip);
 
         function addTip(id, title) {
-            const tip = {id: id, title: title}
+            const tip = {id: _.escape(id), title: _.escape(title)}
             const template =
                 '<div class="list-group-item d-block" data-tip-id=' + tip.id + ' data-id="">' +
                 '<span class="fa-solid fa-bars me-3"></span>' + tip.title +