diff --git a/plugins/c9.ide.immediate/evaluators/debugnode.js b/plugins/c9.ide.immediate/evaluators/debugnode.js
index fd3a5d3f..778f63ac 100644
--- a/plugins/c9.ide.immediate/evaluators/debugnode.js
+++ b/plugins/c9.ide.immediate/evaluators/debugnode.js
@@ -1,18 +1,19 @@
 define(function(require, exports, module) {
     main.consumes = [
-        "immediate", "settings", "debugger", "Evaluator", "callstack", "ui"
+        "immediate", "debugger", "Evaluator", "callstack", "ui"
     ];
     main.provides = ["immediate.debugnode"];
     return main;
 
     function main(options, imports, register) {
         var Evaluator = imports.Evaluator;
-        var settings = imports.settings;
         var debug = imports.debugger;
         var immediate = imports.immediate;
         var callstack = imports.callstack;
         var ui = imports.ui;
         
+        var escapeHTML = require("ace/lib/lang").escapeHTML;
+        
         /***** Initialization *****/
         
         var plugin = new Evaluator("Ajax.org", main.consumes, {
@@ -450,7 +451,7 @@ define(function(require, exports, module) {
                     else {
                         // A value of unknown type which does not have any properties - assume it is a language-specific
                         // primitive type.
-                        insert(html, value, name);
+                        insert(html, escapeHTML(value), name);
                     }
                 }
             }
diff --git a/plugins/c9.ide.upload/upload_progress.js b/plugins/c9.ide.upload/upload_progress.js
index 6e8160f8..2bbdc3aa 100644
--- a/plugins/c9.ide.upload/upload_progress.js
+++ b/plugins/c9.ide.upload/upload_progress.js
@@ -16,6 +16,7 @@ define(function(require, exports, module) {
         var css = require("text!./upload_progress.css");
         var TreeData = require("ace_tree/data_provider");
         var Tree = require("ace_tree/tree");
+        var escapeHTML = require("ace/lib/lang").escapeHTML;
         
         var boxUploadActivityMarkup = require("text!./markup/box_upload_activity.xml");
         
@@ -79,10 +80,10 @@ define(function(require, exports, module) {
             mdlUploadActivity.rowHeightInner = 20;
             mdlUploadActivity.getContentHTML = function(node) {
                 return "<span class='uploadactivity-caption'>"
-                    + node.label
+                    + escapeHTML(node.label)
                     + "</span>"
                     + "<span class='uploadactivity-progress'>"
-                    + (node.progress == undefined ? "&nbsp;" : node.progress + "%") + "</span>"
+                    + (node.progress == undefined ? "&nbsp;" : escapeHTML(node.progress + "%")) + "</span>"
                     + "<span class='uploadactivity-delete'>&nbsp;</span>";
             };
             mdlUploadActivity.updateProgress = function(node, val) {