diff --git a/modules/issuetracker/issuetracker.model.php b/modules/issuetracker/issuetracker.model.php
index d107f90a9..ab2b4e603 100644
--- a/modules/issuetracker/issuetracker.model.php
+++ b/modules/issuetracker/issuetracker.model.php
@@ -157,7 +157,7 @@
             return $output;
         }
 
-        function getList($module_srl, $listname) 
+        function getList($module_srl, $listname)
         {
             if(!$module_srl) return array();
 
@@ -201,7 +201,7 @@
             return $histories;
         }
 
-        function getPackageList($module_srl, $package_srl=0, $each_releases_count = 0) 
+        function getPackageList($module_srl, $package_srl=0, $each_releases_count = 0)
         {
             if(!$module_srl) return array();
 
@@ -396,18 +396,12 @@
             if(in_array('commit', $targets))
             {
                 $output = executeQueryArray("issuetracker.getChangesets", $args);
-                if(!$output->toBool())
-                {
-                    return array();
-                }
-            }
-            if(!$output->data)
-            {
-                $output->data = array();
-            }
-            foreach($output->data as $key => $changeset)
-            {
-                $changeset->message = $this->_linkXE($changeset->message);
+                if(!$output->toBool()) return array();
+                if(!$output->data) $output->data = array();
+
+                // message에 htmlspecialchars() 적용
+                foreach($output->data as $key => $changeset)
+                    $changeset->message = htmlspecialchars($this->_linkXE($changeset->message));
             }
 
             if(in_array('issue_changed', $targets))
diff --git a/modules/issuetracker/skins/xe_issuetracker/timeline.html b/modules/issuetracker/skins/xe_issuetracker/timeline.html
index 2b67bbd52..e52e860a8 100644
--- a/modules/issuetracker/skins/xe_issuetracker/timeline.html
+++ b/modules/issuetracker/skins/xe_issuetracker/timeline.html
@@ -1,18 +1,18 @@
 <!--#include('header.html')-->
 <!--%load_js_plugin("ui.datepicker")-->
-<div class="left"><h2> Timeline </h2></div>
+<div class="left"><h2>Timeline</h2></div>
 <div class="search">
 <form action="{getUrl()}" id="fo_search">
     <br />
     <input type="hidden" name="act" value="dispIssuetrackerTimeline" />
     <input type="hidden" name="mid" value="{$mid}" />
-    {$lang->msg_changes_from}: 
-    <input type="hidden" name="enddate" id="enddate" class="inputTypeText" value="{$enddate}">
+    {$lang->msg_changes_from}:
+    <input type="hidden" name="enddate" id="enddate" class="inputTypeText" value="{$enddate}" />
     <input type="text" class="inputDate" value="<!--@if($enddate)-->{zdate($enddate,'Y-m-d')}<!--@end-->" readonly="readonly" />
-    , {$lang->duration}: <input type="text" name="duration" class="inputTypeText w40" value={$duration}>
-    <BR />
+    , {$lang->duration}: <input type="text" name="duration" class="inputTypeText w40" value="{$duration}" />
+    <br />
     <!--@foreach($lang->target_list as $key => $val)-->
-    <input name="targets[]" type="checkbox" value="{$key}" <!--@if(in_array($key,$targets))-->checked="checked"<!--@end--> id="targets_{$key}"/><label for="targets_{$key}">{$val}</label>
+    <input name="targets[]" type="checkbox" value="{$key}" <!--@if(in_array($key,$targets))-->checked="checked"<!--@end--> id="targets_{$key}"/><label for="targets_{$key}"> {$val}</label>
     <!--@end-->
     <a href="#" onclick="xGetElementById('fo_search').submit();return false;" class="button {$btn_class}"><span>{$lang->cmd_update}</span></a>
 
@@ -40,8 +40,8 @@
     <a href="{getUrl('act','dispIssuetrackerViewSource','erev',$changeset->revision,'type','log')}">Changeset <em>[{$changeset->revision}]</em></a> by <span class="author">{$changeset->author}</span>
     <!--@end-->
 </dt>
-<dd class="changeset"> 
-<p><!--@if($changeset->type)--><!--@if($changeset->type == "changed")--><span class="status">{$changeset->message}</span><br><!--@endif-->{$issues[$changeset->target_srl]->getContentText(80)}<!--@else-->{$changeset->message}<!--@end--></p> </dd>
+<dd class="changeset">
+<p><!--@if($changeset->type)--><!--@if($changeset->type == "changed")--><span class="status">{$changeset->message}</span><br /><!--@endif-->{$issues[$changeset->target_srl]->getContentText(80)}<!--@else-->{$changeset->message}<!--@end--></p></dd>
 <!--@end-->
 </dl>
 <script type="text/javascript">