diff --git a/history.txt b/history.txt
index 1b934916..ad2b175f 100644
--- a/history.txt
+++ b/history.txt
@@ -3,6 +3,7 @@ I2P-Bote Version History
 
 0.4.4
   * Added CSRF guards to all forms (thanks Beardog for raising the issue!)
+  * Tweak error message to avoid XSS filter (ticket #1815)
   * Improve identities list usability (thanks Jonathan!)
 
 0.4.3 (Released on Jan 28, 2016)
diff --git a/src/main/java/i2p/bote/email/EmailIdentity.java b/src/main/java/i2p/bote/email/EmailIdentity.java
index f16d4f85..0e3dedbd 100644
--- a/src/main/java/i2p/bote/email/EmailIdentity.java
+++ b/src/main/java/i2p/bote/email/EmailIdentity.java
@@ -72,7 +72,7 @@ public class EmailIdentity extends EmailDestination {
         if ("".equals(vanityPrefix))
             vanityPrefix = null;
         if (vanityPrefix!=null && !cryptoImpl.getBase64InitialCharacters().contains(vanityPrefix.substring(0, 1))) {
-            String errorMsg = "This encryption type does not support destinations that start with a \"{0}\". Valid initial characters are {1}.";
+            String errorMsg = "This encryption type does not support destinations that start with {0}. Valid initial characters are {1}.";
             throw new IllegalDestinationParametersException(_t(errorMsg, vanityPrefix.charAt(0), cryptoImpl.getBase64InitialCharacters()));
         }