diff --git a/synapse/res/templates/saml_error.html b/synapse/res/templates/saml_error.html
index 223d3a74bc..bfd6449c5d 100644
--- a/synapse/res/templates/saml_error.html
+++ b/synapse/res/templates/saml_error.html
@@ -37,7 +37,8 @@
         // to print one.
         let errorDesc = new URLSearchParams(searchStr).get("error_description")
         if (errorDesc) {
-            document.getElementById("errormsg").innerHTML = ` ("${errorDesc}")`;
+
+            document.getElementById("errormsg").innerText = ` ("${errorDesc}")`;
         }
     </script>
 </body>