diff --git a/web/pgadmin/tools/datagrid/static/js/datagrid.js b/web/pgadmin/tools/datagrid/static/js/datagrid.js
index f12ab7a7..7610d955 100644
--- a/web/pgadmin/tools/datagrid/static/js/datagrid.js
+++ b/web/pgadmin/tools/datagrid/static/js/datagrid.js
@@ -227,7 +227,7 @@ define('pgadmin.datagrid', [
         queryToolForm +=`
           </form>
             <script>
-              document.getElementById("title").value = "${panel_title}";
+              document.getElementById("title").value = "${_.escape(panel_title)}";
               document.getElementById("queryToolForm").submit();
             </script>
           `;
diff --git a/web/pgadmin/tools/datagrid/static/js/datagrid_panel_title.js b/web/pgadmin/tools/datagrid/static/js/datagrid_panel_title.js
index 8c9b999c..6ea36ac5 100644
--- a/web/pgadmin/tools/datagrid/static/js/datagrid_panel_title.js
+++ b/web/pgadmin/tools/datagrid/static/js/datagrid_panel_title.js
@@ -52,6 +52,6 @@ export function setQueryToolDockerTitle(panel, is_query_tool, panel_title, is_fi
     panel_icon = 'fa fa-bolt';
   }
 
-  panel.title('<span title="'+ panel_tooltip +'">'+ panel_title +'</span>');
+  panel.title('<span title="'+ _.escape(panel_title) +'">'+ _.escape(panel_title) +'</span>');
   panel.icon(panel_icon);
 }
diff --git a/web/pgadmin/tools/sqleditor/static/js/sqleditor.js b/web/pgadmin/tools/sqleditor/static/js/sqleditor.js
index 7e368ffb..82ceb3f5 100644
--- a/web/pgadmin/tools/sqleditor/static/js/sqleditor.js
+++ b/web/pgadmin/tools/sqleditor/static/js/sqleditor.js
@@ -3436,7 +3436,7 @@ define('tools.querytool', [
               // Find the title of the visible panel
               _.each(window.top.pgAdmin.Browser.docker.findPanels('frm_datagrid'), function(p) {
                 if (p.isVisible()) {
-                  self.gridView.panel_title = $(p._title).html();
+                  self.gridView.panel_title = $(p._title).text();
                 }
               });