diff --git a/admin/admin_ticket.php b/admin/admin_ticket.php
index 35aca09b..6023d5a0 100644
--- a/admin/admin_ticket.php
+++ b/admin/admin_ticket.php
@@ -1973,7 +1973,9 @@ function hesk_printCanned()
 	{
 	    $can_options .= '<option value="' . $mysaved[0] . '">' . $mysaved[1]. "</option>\n";
 	    if ($modsForHesk_settings['rich_text_for_tickets']) {
-	        echo 'myMsgTxt['.$mysaved[0].']=\''.str_replace("\r\n","\\r\\n' + \r\n'", hesk_html_entity_decode($mysaved[2]))."';\n";
+	        $theMessage = hesk_html_entity_decode($mysaved[2]);
+	        $theMessage = addslashes($theMessage);
+	        echo 'myMsgTxt['.$mysaved[0].']=\''.str_replace("\r\n","\\r\\n' + \r\n'", $theMessage)."';\n";
 	    } else {
 	        echo 'myMsgTxt['.$mysaved[0].']=\''.str_replace("\r\n","\\r\\n' + \r\n'", addslashes($mysaved[2]))."';\n";
 	    }
diff --git a/admin/manage_canned.php b/admin/manage_canned.php
index 19c38d66..b851c67a 100644
--- a/admin/manage_canned.php
+++ b/admin/manage_canned.php
@@ -161,7 +161,9 @@ function hesk_insertAtCursor(myField, myValue) {
 
                         $javascript_titles.='myTitle['.$mysaved['id'].']=\''.addslashes($mysaved['title'])."';\n";
                         if ($modsForHesk_settings['rich_text_for_tickets']) {
-                            $javascript_messages.='myMsgTxt['.$mysaved['id'].']=\''.str_replace("\r\n","\\r\\n' + \r\n'", hesk_html_entity_decode($mysaved['message']) )."';\n";
+                            $theMessage = hesk_html_entity_decode($mysaved['message']);
+                            $theMessage = addslashes($theMessage);
+                            $javascript_messages.='myMsgTxt['.$mysaved['id'].']=\''.str_replace("\r\n","\\r\\n' + \r\n'", $theMessage )."';\n";
                         } else {
                             $javascript_messages.='myMsgTxt['.$mysaved['id'].']=\''.str_replace("\r\n","\\r\\n' + \r\n'", addslashes($mysaved['message']) )."';\n";
                         }
diff --git a/admin/new_ticket.php b/admin/new_ticket.php
index 6b266304..b50c7b41 100644
--- a/admin/new_ticket.php
+++ b/admin/new_ticket.php
@@ -572,7 +572,9 @@ if (!$show['show']) {
                         {
                             $can_options .= '<option value="' . $mysaved[0] . '">' . $mysaved[1]. "</option>\n";
                             if ($modsForHesk_settings['rich_text_for_tickets']) {
-                                echo 'myMsgTxt['.$mysaved[0].']=\''.str_replace("\r\n","\\r\\n' + \r\n'", hesk_html_entity_decode($mysaved[2]))."';\n";
+                                $theMessage = hesk_html_entity_decode($mysaved[2]);
+                                $theMessage = addslashes($theMessage);
+                                echo 'myMsgTxt['.$mysaved[0].']=\''.str_replace("\r\n","\\r\\n' + \r\n'", $theMessage)."';\n";
                             } else {
                                 echo 'myMsgTxt['.$mysaved[0].']=\''.str_replace("\r\n","\\r\\n' + \r\n'", addslashes($mysaved[2]))."';\n";
                             }