diff --git a/src/meta/title.js b/src/meta/title.js
index 0019cdb686..0ca2d346ac 100644
--- a/src/meta/title.js
+++ b/src/meta/title.js
@@ -1,6 +1,7 @@
 'use strict';
 
 var winston = require('winston'),
+	validator = require('validator'),
 	user = require('../user'),
 	translator = require('../../public/src/translator');
 
@@ -34,6 +35,7 @@ module.exports = function(Meta) {
 	};
 
 	Meta.title.parseFragment = function (urlFragment, language, callback) {
+		urlFragment = validator.escape(urlFragment);
 		var	translated = ['', 'recent', 'unread', 'users', 'notifications'];
 		if (translated.indexOf(urlFragment) !== -1) {
 			if (!urlFragment.length) {