diff --git a/app/controllers/my_profile/cms_controller.rb b/app/controllers/my_profile/cms_controller.rb
index 3559cd5..d3c073c 100644
--- a/app/controllers/my_profile/cms_controller.rb
+++ b/app/controllers/my_profile/cms_controller.rb
@@ -92,6 +92,9 @@ class CmsController < MyProfileController
@article.article_privacy_exceptions = params[:q].split(/,/).map{|n| environment.people.find n.to_i} unless params[:q].nil?
+ @escaped_body = CGI::escapeHTML(@article.body || '')
+ @escaped_abstract = CGI::escapeHTML(@article.abstract || '')
+
@tokenized_children = prepare_to_token_input(
profile.members.includes(:articles_with_access).find_all{ |m|
m.articles_with_access.include?(@article)
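Review bot: The two new `CGI::escapeHTML` lines escape the article body and abstract in the controller, one layer away from where the text is actually emitted, and that only works if the view helper that later receives them does not escape again. Rails' `text_area_tag` escapes its content by default from 3.0 onwards, so on such a version `@escaped_body` would be rendered as `&amp;lt;p&amp;gt;…` in the editor and the corrupted text would be written back to the article on the next save; on a Rails 2.3 `text_area_tag` the manual escape is what prevents a `</textarea>` breakout. Whichever applies here, the assumption should be written next to the assignment, e.g. `# Pre-escaped for text_area_tag, which does NOT escape on our Rails version; remove if the helper is upgraded to one that escapes (Rails >= 3.0).` The cleaner shape is to hand the raw values to the view and let a single escaping helper own the output boundary. The enclosing action begins before this hunk and continues after it, so I cannot see whether these ivars are set on every path that renders the form.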
diff --git a/app/views/shared/_lead_and_body.html.erb b/app/views/shared/_lead_and_body.html.erb
index 9b13299..3650684 100644
--- a/app/views/shared/_lead_and_body.html.erb
+++ b/app/views/shared/_lead_and_body.html.erb
@@ -19,17 +19,27 @@
+ <% abstract_options = {:style => 'width: 100%; height: 200px;', :class => editor_type} %>
<% if f %>
- <%= labelled_form_field(_(abstract_label), f.text_area(abstract_method, :style => 'width: 100%; height: 200px;', :class => editor_type)) %>
+ <%= labelled_form_field(_(abstract_label), f.text_area(abstract_method, abstract_options)) %>
<% else %>
- <%= labelled_form_field(_(abstract_label), text_area(object, abstract_method, :style => 'width: 100%; height: 200px;', :class => editor_type)) %>
+ <% if @article.kind_of?(Article) %>
+ <%= labelled_form_field(_(abstract_label), text_area_tag("article[abstract]", @escaped_abstract, abstract_options)) %>
+ <% else %>
+ <%= labelled_form_field(_(abstract_label), text_area(object, abstract_method, abstract_options)) %>
+ <% end %>
<% end %>
+ <% body_options = {:style => 'width: 100%; height: 400px;', :class => editor_type} %>
<% if f %>
- <%= labelled_form_field(_(body_label), f.text_area(body_method, :style => 'width: 100%; height: 400px;', :class => editor_type)) %>
+ <%= labelled_form_field(_(body_label), f.text_area(body_method, body_options)) %>
<% else %>
- <%= labelled_form_field(_(body_label), text_area(object, body_method, :style => 'width: 100%; height: 400px;', :class => editor_type)) %>
+ <% if @article.kind_of?(Article) %>
+ <%= labelled_form_field(_(body_label), text_area_tag("article[body]", @escaped_body, body_options)) %>
+ <% else %>
+ <%= labelled_form_field(_(body_label), text_area(object, body_method, body_options)) %>
+ <% end %>
<% end %>
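Review bot: In the two new `@article.kind_of?(Article)` branches the textarea's value comes from `@escaped_body`/`@escaped_abstract`, controller ivars that are set only where this commit adds them, while the partial itself still receives `object` and `body_method`/`abstract_method`. If any other action renders `shared/_lead_and_body` for an Article without setting those ivars, `text_area_tag("article[body]", nil, …)` silently renders an empty editor and submitting the form overwrites the stored body with nothing, which is a data-loss path rather than a visible error; deriving the value inside the partial (`h(object.send(body_method) || '')`, or `@article.body` if the helper already escapes) removes that dependency. The hard-coded `"article[body]"`/`"article[abstract]"` names also discard `body_method`/`abstract_method`, so the branch only posts correctly when the caller's method names are exactly `body` and `abstract`. Please also confirm against the app's Rails version that `text_area_tag` does not escape its content here, otherwise the pre-escaped string is escaped a second time. The partial starts before line 19 and the hunk ends at its last visible line, so surrounding markup is not in view.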
--
libgit2 0.21.2