diff --git a/administrator/components/com_categories/helpers/html/categoriesadministrator.php b/administrator/components/com_categories/helpers/html/categoriesadministrator.php
index 9fdaef29d06de..f60d998b01c1e 100644
--- a/administrator/components/com_categories/helpers/html/categoriesadministrator.php
+++ b/administrator/components/com_categories/helpers/html/categoriesadministrator.php
@@ -72,7 +72,7 @@ public static function association($catid, $extension = 'com_content')
 					$classes = 'hasPopover label label-association label-' . $item->lang_sef;
 
 					$item->link = '<a href="' . $url . '" title="' . $item->language_title . '" class="' . $classes
-						. '" data-content="' . $item->title . '" data-placement="top">'
+						. '" data-content="' . htmlspecialchars($item->title, ENT_QUOTES, 'UTF-8') . '" data-placement="top">'
 						. $text . '</a>';
 				}
 			}
diff --git a/administrator/components/com_contact/helpers/html/contact.php b/administrator/components/com_contact/helpers/html/contact.php
index 711a3a21982f1..aa7e225a1285e 100644
--- a/administrator/components/com_contact/helpers/html/contact.php
+++ b/administrator/components/com_contact/helpers/html/contact.php
@@ -72,7 +72,7 @@ public static function association($contactid)
 					$text = strtoupper($item->lang_sef);
 					$url = JRoute::_('index.php?option=com_contact&task=contact.edit&id=' . (int) $item->id);
 
-					$tooltip = $item->title . '<br />' . JText::sprintf('JCATEGORY_SPRINTF', $item->category_title);
+					$tooltip = htmlspecialchars($item->title, ENT_QUOTES, 'UTF-8') . '<br />' . JText::sprintf('JCATEGORY_SPRINTF', $item->category_title);
 					$classes = 'hasPopover label label-association label-' . $item->lang_sef;
 
 					$item->link = '<a href="' . $url . '" title="' . $item->language_title . '" class="' . $classes
diff --git a/administrator/components/com_content/helpers/html/contentadministrator.php b/administrator/components/com_content/helpers/html/contentadministrator.php
index d2409b6e52028..9ec3e2dd73f05 100644
--- a/administrator/components/com_content/helpers/html/contentadministrator.php
+++ b/administrator/components/com_content/helpers/html/contentadministrator.php
@@ -73,7 +73,7 @@ public static function association($articleid)
 					$text    = $item->lang_sef ? strtoupper($item->lang_sef) : 'XX';
 					$url     = JRoute::_('index.php?option=com_content&task=article.edit&id=' . (int) $item->id);
 
-					$tooltip = $item->title . '<br />' . JText::sprintf('JCATEGORY_SPRINTF', $item->category_title);
+					$tooltip = htmlspecialchars($item->title, ENT_QUOTES, 'UTF-8') . '<br />' . JText::sprintf('JCATEGORY_SPRINTF', $item->category_title);
 					$classes = 'hasPopover label label-association label-' . $item->lang_sef;
 
 					$item->link = '<a href="' . $url . '" title="' . $item->language_title . '" class="' . $classes
diff --git a/administrator/components/com_menus/helpers/html/menus.php b/administrator/components/com_menus/helpers/html/menus.php
index 353ef838f325e..9dabd7fb99b51 100644
--- a/administrator/components/com_menus/helpers/html/menus.php
+++ b/administrator/components/com_menus/helpers/html/menus.php
@@ -72,7 +72,7 @@ public static function association($itemid)
 					$text = strtoupper($item->lang_sef);
 					$url = JRoute::_('index.php?option=com_menus&task=item.edit&id=' . (int) $item->id);
 
-					$tooltip = $item->title . '<br />' . JText::sprintf('COM_MENUS_MENU_SPRINTF', $item->menu_title);
+					$tooltip = htmlspecialchars($item->title, ENT_QUOTES, 'UTF-8') . '<br />' . JText::sprintf('COM_MENUS_MENU_SPRINTF', $item->menu_title);
 					$classes = 'hasPopover label label-association label-' . $item->lang_sef;
 
 					$item->link = '<a href="' . $url . '" title="' . $item->language_title . '" class="' . $classes
diff --git a/administrator/components/com_newsfeeds/helpers/html/newsfeed.php b/administrator/components/com_newsfeeds/helpers/html/newsfeed.php
index b400cfa0fc0a4..87957b70bfa85 100644
--- a/administrator/components/com_newsfeeds/helpers/html/newsfeed.php
+++ b/administrator/components/com_newsfeeds/helpers/html/newsfeed.php
@@ -69,7 +69,7 @@ public static function association($newsfeedid)
 				{
 					$text = strtoupper($item->lang_sef);
 					$url = JRoute::_('index.php?option=com_newsfeeds&task=newsfeed.edit&id=' . (int) $item->id);
-					$tooltip = $item->title . '<br />' . JText::sprintf('JCATEGORY_SPRINTF', $item->category_title);
+					$tooltip = htmlspecialchars($item->title, ENT_QUOTES, 'UTF-8') . '<br />' . JText::sprintf('JCATEGORY_SPRINTF', $item->category_title);
 					$classes = 'hasPopover label label-association label-' . $item->lang_sef;
 
 					$item->link = '<a href="' . $url . '" title="' . $item->language_title . '" class="' . $classes