diff --git a/muppet/format.py b/muppet/format.py
index 7294f66113442ab5850a7b8e3475ac213bf918f7..9e19576d4762405383583094d04f08f2a01457bd 100644
--- a/muppet/format.py
+++ b/muppet/format.py
@@ -211,7 +211,7 @@ def format_class(d_type: DefinedType | PuppetClass) -> Tuple[str, str]:
     except ParseError as e:
         logger.error("Parsing %(name)s failed: %(err)s",
                      {'name': d_type.name, 'err': e})
-        out += f'<div class="error">{e}</div>'
+        out += f'<div class="error">{html.escape(str(e))}</div>'
         out += '<pre><code class="puppet">'
         if e.pos:
             out += d_type.source[:e.pos]