Index: lams_tool_scratchie/src/java/org/lamsfoundation/lams/tool/scratchie/web/action/MonitoringAction.java
===================================================================
RCS file: /usr/local/cvsroot/lams_tool_scratchie/src/java/org/lamsfoundation/lams/tool/scratchie/web/action/MonitoringAction.java,v
diff -u -r1.10 -r1.11
--- lams_tool_scratchie/src/java/org/lamsfoundation/lams/tool/scratchie/web/action/MonitoringAction.java 13 Jun 2013 10:10:56 -0000 1.10
+++ lams_tool_scratchie/src/java/org/lamsfoundation/lams/tool/scratchie/web/action/MonitoringAction.java 16 Jul 2013 13:22:53 -0000 1.11
@@ -34,6 +34,7 @@
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import org.apache.commons.lang.StringEscapeUtils;
 import org.apache.log4j.Logger;
 import org.apache.struts.action.Action;
 import org.apache.struts.action.ActionForm;
@@ -135,11 +136,10 @@
 Long contentId = (Long) sessionMap.get(ScratchieConstants.ATTR_TOOL_CONTENT_ID);
 List summaryList = getScratchieService().getQuestionSummary(contentId, itemUid);
- // Removes all the html tags from an answer descriptions
+ // escape JS sensitive characters in answer descriptions
 for (GroupSummary summary : summaryList) {
 for (ScratchieAnswer answer : summary.getAnswers()) {
- String description = (answer.getDescription() == null) ? "" : answer.getDescription()
- .replaceAll("\\<.*?>", "").replaceAll("[\"]", """);
+ String description = (answer.getDescription() == null) ? "" : StringEscapeUtils.escapeJavaScript(answer.getDescription());
 answer.setDescription(description);
 }
 }
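Review bot: `StringEscapeUtils.escapeJavaScript` on the new `String description` line only makes the value safe inside a JavaScript string literal; it leaves `<`, `>` and `&` untouched, and the tag stripping done by the removed `replaceAll` calls is gone, so markup in an answer description now reaches the view intact. If the page then writes that string into the DOM as HTML (the JSP is not part of this diff, so this needs confirming), stored markup in a description would execute for whoever opens the monitoring summary. If descriptions are meant to display as plain text here, encode for both contexts with `StringEscapeUtils.escapeJavaScript(StringEscapeUtils.escapeHtml(answer.getDescription()))`; if rich text is intended, run it through an allow-list sanitiser before the JavaScript escaping. The new comment should also name the sink, for example `// escaped for a JS string literal only; HTML in the description is NOT neutralised here`. The enclosing method starts and ends outside the hunk.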