diff --git a/common/lib/capa/capa/inputtypes.py b/common/lib/capa/capa/inputtypes.py index 187d2fd422..9ae63fb43a 100644 --- a/common/lib/capa/capa/inputtypes.py +++ b/common/lib/capa/capa/inputtypes.py @@ -333,6 +333,10 @@ def textline_dynamath(element, value, status, render_template, msg=''): if '' in preprocessor.values(): preprocessor = None + # Escape characters in student input for safe XML parsing + escapedict = {'"': '"'} + value = saxutils.escape(value, escapedict) + context = {'id': eid, 'value': value, 'state': status, 'count': count, 'size': size, 'msg': msg, 'hidden': hidden, 'preprocessor': preprocessor,
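Review bot: On the added `escapedict = {'"': '"'}` line the double quote is mapped to itself as shown, so `saxutils.escape` rewrites only `&`, `<` and `>` and a `"` in student input reaches the template unchanged. The entity may simply have been decoded when this page was rendered, but the committed line should read `escapedict = {'"': '&quot;'}` (the XML entity for a double quote). Because the escaped `value` goes straight into `context`, confirm that the template does not escape it a second time, which would show students `&amp;lt;` where they typed `<`. `saxutils.escape` also expects a string, so a `None` or non-string `value` would raise here; the hunk shows neither an earlier guarantee of that nor a `saxutils` import in this module. The body of `textline_dynamath` starts and ends outside the hunk.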