diff --git a/frappe/www/printview.py b/frappe/www/printview.py
index 4853bf1cb9..545e5d581d 100644
--- a/frappe/www/printview.py
+++ b/frappe/www/printview.py
@@ -8,7 +8,7 @@ from frappe import _
 
 from frappe.modules import get_doc_path
 from frappe.core.doctype.access_log.access_log import make_access_log
-from frappe.utils import cint, strip_html
+from frappe.utils import cint, sanitize_html, strip_html
 from six import string_types
 
 no_cache = 1
@@ -20,9 +20,9 @@ def get_context(context):
 	"""Build context for print"""
 	if not ((frappe.form_dict.doctype and frappe.form_dict.name) or frappe.form_dict.doc):
 		return {
-			"body": """<h1>Error</h1>
+			"body": sanitize_html("""<h1>Error</h1>
 				<p>Parameters doctype and name required</p>
-				<pre>%s</pre>""" % repr(frappe.form_dict)
+				<pre>%s</pre>""" % repr(frappe.form_dict))
 		}
 
 	if frappe.form_dict.doc: