diff --git a/CHANGES.rst b/CHANGES.rst
index a10ba9f..c54fd67 100644
--- a/CHANGES.rst
+++ b/CHANGES.rst
@@ -14,7 +14,7 @@ New features:
 
 Bug fixes:
 
-- *add item here*
+- Fixed possible cross site scripting (XSS) attack on moderate comments page.  [maurits]
 
 
 
diff --git a/plone/app/discussion/browser/moderation.pt b/plone/app/discussion/browser/moderation.pt
index 39ae1f0..d89fff0 100644
--- a/plone/app/discussion/browser/moderation.pt
+++ b/plone/app/discussion/browser/moderation.pt
@@ -110,7 +110,7 @@
                                        tal:content="item/in_response_to" />
                                 </td>
                                 <td>
-                                    <span tal:replace="structure item/Description" />
+                                    <span tal:replace="item/Description" />
                                     <a href=""
                                        tal:attributes="href string:${item/getURL}/getText"
                                        tal:condition="python:item.Description.endswith('[...]')"