diff --git a/app/views/external_works/fetch.js.erb b/app/views/external_works/fetch.js.erb
index 2e3ca855796..cb20f7911cb 100644
--- a/app/views/external_works/fetch.js.erb
+++ b/app/views/external_works/fetch.js.erb
@@ -1,6 +1,6 @@
 <% unless @external_work.blank? %>
-  $j('#external_work_author').val("<%= @external_work.author %>").change();
-  $j('#external_work_title').val("<%= @external_work.title %>").change();
+  $j('#external_work_author').val("<%= escape_javascript(@external_work.author.html_safe) %>").change();
+  $j('#external_work_title').val("<%= escape_javascript(@external_work.title) %>").change();
   $j('#external_work_summary').val("<%= escape_javascript(@external_work.summary&.html_safe) %>").change();
   $j('#fetched').val("<%= @external_work.id %>");
   $j('#external_work_rating_string').val("<%= @external_work.rating_string %>");