diff --git a/rhodecode/model/repo.py b/rhodecode/model/repo.py
--- a/rhodecode/model/repo.py
+++ b/rhodecode/model/repo.py
@@ -38,8 +38,7 @@ from rhodecode.lib.user_log_filter impor
 from rhodecode.lib.utils import make_db_config
 from rhodecode.lib.utils2 import (
 safe_str, safe_unicode, remove_prefix, obfuscate_url_pw,
- get_current_rhodecode_user, safe_int, datetime_to_time,
- action_logger_generic)
+ get_current_rhodecode_user, safe_int, action_logger_generic)
 from rhodecode.lib.vcs.backends import get_backend
 from rhodecode.model import BaseModel
 from rhodecode.model.db import (
@@ -199,9 +198,11 @@ class RepoModel(BaseModel):
 def get_repos_as_dict(self, repo_list=None, admin=False, super_user_actions=False, short_name=None):
+
 _render = get_current_request().get_partial_renderer(
 'rhodecode:templates/data_table/_dt_elements.mako')
 c = _render.get_call_context()
+ h = _render.get_helpers()
 def quick_menu(repo_name): return _render('quick_menu', repo_name)
@@ -258,7 +259,7 @@ class RepoModel(BaseModel):
 "name": repo_lnk(repo.repo_name, repo.repo_type, repo.repo_state, repo.private, repo.archived, repo.fork),
- "desc": desc(repo.description),
+ "desc": desc(h.escape(repo.description)),
 "last_change": last_change(repo.updated_on),
diff --git a/rhodecode/model/repo_group.py b/rhodecode/model/repo_group.py
--- a/rhodecode/model/repo_group.py
+++ b/rhodecode/model/repo_group.py
@@ -41,7 +41,7 @@ from rhodecode.model.db import (_hash_ke
 UserGroup, Repository)
 from rhodecode.model.settings import VcsSettingsModel, SettingsModel
 from rhodecode.lib.caching_query import FromCache
-from rhodecode.lib.utils2 import action_logger_generic, datetime_to_time
+from rhodecode.lib.utils2 import action_logger_generic
 log = logging.getLogger(__name__)
@@ -708,8 +708,6 @@ class RepoGroupModel(BaseModel):
 for repo_group in repo_groups: repo_group.update_commit_cache()
-
-
 def get_repo_groups_as_dict(self, repo_group_list=None, admin=False, super_user_actions=False):
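Review bot: In the `@@ -258,7 +259,7 @@` hunk the description is escaped at the call site, `desc(h.escape(repo.description))`, so the `desc` renderer (presumably a def in `_dt_elements.mako`, not shown here) stays safe only as long as every caller remembers to pre-escape; the same pattern is repeated in `rhodecode/model/repo_group.py` at `@@ -763,7 +761,7 @@`. Escaping inside the renderer itself would cover all callers at once; if the call-site form is kept, a comment such as `# description is user-controlled: escape before it is rendered into grid HTML` above the line would record the contract. A regression test asserting that a description containing `<` comes back entity-encoded from `get_repos_as_dict` would keep this from silently regressing. If `repo.description` can be NULL, confirm that `h.escape` accepts `None`. The dict literal this line belongs to starts and ends outside the hunk.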
@@ -763,7 +761,7 @@ class RepoGroupModel(BaseModel):
 "last_changeset": "",
 "last_changeset_raw": "",
- "desc": desc(group.group_description, group.personal),
+ "desc": desc(h.escape(group.group_description), group.personal),
 "top_level_repos": 0,
 "owner": user_profile(group.User.username)
 }
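Review bot: `h` is used in `desc(h.escape(group.group_description), group.personal)`, but this diff adds no binding for it in `get_repo_groups_as_dict`, whereas the repo.py side explicitly adds `h = _render.get_helpers()`. The function body between its signature and this hunk is not shown, so `h` may already be defined there or imported at module level. If it is not, this line raises `NameError` when the repo-group grid is built, and the fix is `h = _render.get_helpers()` next to wherever the partial renderer is obtained, mirroring `RepoModel.get_repos_as_dict`.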