diff --git a/api/XMLDataFormatter.php b/api/XMLDataFormatter.php
index f8fdf6c30..63d882211 100644
--- a/api/XMLDataFormatter.php
+++ b/api/XMLDataFormatter.php
@@ -39,8 +39,7 @@ class XMLDataFormatter extends DataFormatter {
 		
 		return "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n" . $this->convertDataObjectWithoutHeader($obj, $fields);
 	}
-		
-		
+
 	public function convertDataObjectWithoutHeader(DataObject $obj, $fields = null, $relations = null) {
 		$className = $obj->class;
 		$id = $obj->ID;
@@ -57,7 +56,13 @@ class XMLDataFormatter extends DataFormatter {
 			if(is_object($fieldValue) && is_subclass_of($fieldValue, 'Object') && $fieldValue->hasMethod('toXML')) {
 				$xml .= $fieldValue->toXML();
 			} else {
-				$xml .= "<$fieldName>" . Convert::raw2xml($fieldValue) . "</$fieldName>\n";
+				if('HTMLText' == $fieldType) {
+					// Escape HTML values using CDATA
+					$fieldValue = sprintf('<![CDATA[%s]]>', str_replace(']]>', ']]]]><![CDATA[>', $fieldValue));
+				} else {
+					$fieldValue = Convert::raw2xml($fieldValue);
+				}
+				$xml .= "<$fieldName>$fieldValue</$fieldName>\n";
 			}
 		}
 	
diff --git a/tests/api/XMLDataFormatterTest.php b/tests/api/XMLDataFormatterTest.php
new file mode 100644
index 000000000..a62ef8bc9
--- /dev/null
+++ b/tests/api/XMLDataFormatterTest.php
@@ -0,0 +1,40 @@
+<?php
+class XMLDataFormatterTest extends SapphireTest {
+
+	public static $fixture_file = 'sapphire/tests/api/XMLDataFormatterTest.yml';
+
+	protected $extraDataObjects = array(
+		'XMLDataFormatterTest_DataObject'
+	);
+
+	public function testConvertDataObjectWithoutHeader() {
+		$formatter = new XMLDataFormatter();
+		$obj = $this->objFromFixture('XMLDataFormatterTest_DataObject', 'test-do');
+		$xml = new SimpleXMLElement('<?xml version="1.0"?>' . $formatter->convertDataObjectWithoutHeader($obj));
+		$this->assertEquals(
+			Director::absoluteBaseURL() . sprintf('api/v1/XMLDataFormatterTest_DataObject/%d.xml', $obj->ID),
+			(string) $xml['href']
+		);
+		$this->assertEquals('Test DataObject', (string) $xml->Name);
+		$this->assertEquals('Test Company', (string) $xml->Company);
+		$this->assertEquals($obj->ID, (int) $xml->ID);
+		$this->assertEquals(
+			'<Content><![CDATA[<a href="http://mysite.com">mysite.com</a> is a link in this HTML content. <![CDATA[this is some nested CDATA]]]]><![CDATA[>]]></Content>',
+			$xml->Content->asXML()
+		);
+		$this->assertEquals(
+			'<a href="http://mysite.com">mysite.com</a> is a link in this HTML content. <![CDATA[this is some nested CDATA]]>',
+			(string) $xml->Content
+		);
+	}
+
+}
+class XMLDataFormatterTest_DataObject extends DataObject implements TestOnly {
+
+	public static $db = array(
+		'Name' => 'Varchar(50)',
+		'Company' => 'Varchar(50)',
+		'Content' => 'HTMLText'
+	);
+
+}
\ No newline at end of file
diff --git a/tests/api/XMLDataFormatterTest.yml b/tests/api/XMLDataFormatterTest.yml
new file mode 100644
index 000000000..951dc8d2d
--- /dev/null
+++ b/tests/api/XMLDataFormatterTest.yml
@@ -0,0 +1,5 @@
+XMLDataFormatterTest_DataObject:
+   test-do:
+      Name: Test DataObject
+      Company: Test Company
+      Content: <a href="http://mysite.com">mysite.com</a> is a link in this HTML content. <![CDATA[this is some nested CDATA]]>
\ No newline at end of file