diff --git a/change_log.txt b/change_log.txt
index 0f44a294..010efe13 100644
--- a/change_log.txt
+++ b/change_log.txt
@@ -1,4 +1,7 @@
 ===== trunk  =====
+12.05.2012
+- bugfix {html_options} did not properly escape values (Issue 98)
+
 03.05.2012
 - bugfix make HTTP protocall version variable (issue 96)
 
diff --git a/libs/plugins/function.html_options.php b/libs/plugins/function.html_options.php
index 86266e26..46330e89 100644
--- a/libs/plugins/function.html_options.php
+++ b/libs/plugins/function.html_options.php
@@ -150,6 +150,8 @@ function smarty_function_html_options_optoutput($key, $value, $selected, $id, $c
                 trigger_error("html_options: value is an object of class '". get_class($value) ."' without __toString() method", E_USER_NOTICE);
                 return '';
             }
+        } else {
+            $value = smarty_function_escape_special_chars((string) $value);
         }
         $_html_result .= $_html_class . $_html_id . '>' . $value . '</option>' . "\n";
         $idx++;