diff --git a/model/HTMLValue.php b/model/HTMLValue.php
index 3744325a1..7888806f4 100644
--- a/model/HTMLValue.php
+++ b/model/HTMLValue.php
@@ -52,7 +52,7 @@ abstract class SS_HTMLValue extends ViewableData {
 
 		// Then replace the saved attributes with their original versions
 		$res = preg_replace_callback('/__HTMLVALUE_(\d+)/', function($matches) use ($attrs) {
-			return $attrs[$matches[0]];
+			return Convert::raw2att($attrs[$matches[0]]);
 		}, $res);
 
 		return $res;
diff --git a/tests/integration/HTML4ValueTest.php b/tests/integration/HTML4ValueTest.php
index b29e99d33..011d89797 100644
--- a/tests/integration/HTML4ValueTest.php
+++ b/tests/integration/HTML4ValueTest.php
@@ -58,4 +58,13 @@ class SS_HTML4ValueTest extends SapphireTest {
 		);
 	}
 
+	public function testAttributeEscaping() {
+		$value = new SS_HTML4Value();
+
+		$value->setContent('<a href="[]"></a>');
+		$this->assertEquals('<a href="[]"></a>', $value->getContent(), "'[' character isn't escaped");
+
+		$value->setContent('<a href="&quot;"></a>');
+		$this->assertEquals('<a href="&quot;"></a>', $value->getContent(), "'\"' character is escaped");
+	}
 }