diff --git a/synapse/res/templates/saml_error.html b/synapse/res/templates/saml_error.html
index 223d3a74bc8571b2b8627fcdc5c2e22077fd2567..bfd6449c5d5e01405e454d8939e3717c6f5b4fed 100644
--- a/synapse/res/templates/saml_error.html
+++ b/synapse/res/templates/saml_error.html
@@ -37,7 +37,8 @@
         // to print one.
         let errorDesc = new URLSearchParams(searchStr).get("error_description")
         if (errorDesc) {
-            document.getElementById("errormsg").innerHTML = ` ("${errorDesc}")`;
+
+            document.getElementById("errormsg").innerText = ` ("${errorDesc}")`;
         }
     </script>
 </body>