diff --git a/helpdesk/lib.py b/helpdesk/lib.py
index 07d655c3..da853990 100644
--- a/helpdesk/lib.py
+++ b/helpdesk/lib.py
@@ -145,6 +145,7 @@ def process_attachments(followup, attached_files):
                 'application/octet-stream',
                 size=attached.size,
             )
+            att.full_clean()
             att.save()
 
             if attached.size < max_email_attachment_size:
diff --git a/helpdesk/tasks.py b/helpdesk/tasks.py
index cd3346fd..2fdee3e4 100644
--- a/helpdesk/tasks.py
+++ b/helpdesk/tasks.py
@@ -1,8 +1,8 @@
-from celery.decorators import task
+from celery import shared_task
 
 from .email import process_email
 
 
-@task()
+@shared_task
 def helpdesk_process_email():
     process_email()
diff --git a/helpdesk/templates/helpdesk/ticket_list.html b/helpdesk/templates/helpdesk/ticket_list.html
index c9a57d23..2894349b 100644
--- a/helpdesk/templates/helpdesk/ticket_list.html
+++ b/helpdesk/templates/helpdesk/ticket_list.html
@@ -330,7 +330,11 @@
         function get_url(row) {
             return "{% url 'helpdesk:view' 1234 %}".replace(/1234/, row.id.toString());
         }
-
+        
+        function htmlEntities(str) {
+            return String(str).replace(/&/g, '&amp;').replace(/</g, '&lt;').replace(/>/g, '&gt;').replace(/"/g, '&quot;');
+        }
+        
         $(document).ready(function () {
             // Ticket DataTable Initialization
             $('#ticketTable').DataTable({
@@ -366,7 +370,7 @@
                             if (type === 'display') {
                                 data = '<div class="tickettitle"><a href="' + get_url(row) + '" >' +
                                     row.id + '. ' +
-                                    row.title + '</a></div>';
+                                    htmlEntities(row.title) + '</a></div>';
                             }
                             return data
                         }