Index: lams_central/src/java/org/lamsfoundation/lams/web/tag/MultiLinesOutputTag.java
===================================================================
diff -u -r5773f84ed608838de3521ecde87c52f3c72d478c -r843436d557004fd0408910c7e228c6957e017ab1
--- lams_central/src/java/org/lamsfoundation/lams/web/tag/MultiLinesOutputTag.java	(.../MultiLinesOutputTag.java)	(revision 5773f84ed608838de3521ecde87c52f3c72d478c)
+++ lams_central/src/java/org/lamsfoundation/lams/web/tag/MultiLinesOutputTag.java	(.../MultiLinesOutputTag.java)	(revision 843436d557004fd0408910c7e228c6957e017ab1)
@@ -5,7 +5,7 @@
 import javax.servlet.jsp.JspException;
 import javax.servlet.jsp.tagext.SimpleTagSupport;
 
-import org.apache.commons.lang.StringEscapeUtils;
+import org.springframework.web.util.HtmlUtils;
 
 /**
  * JSP tag. It converts text from \n or \r\n to <BR> before rendering.
@@ -24,7 +24,7 @@
     @Override
     public void doTag() throws JspException, IOException {
 	if (escapeHtml) {
-	    value = StringEscapeUtils.escapeHtml(value);
+	    value = HtmlUtils.htmlEscape(value);
 	}
 	value = value.replaceAll("\n", "<br>");
 	getJspContext().getOut().write(value.toString());