diff --git a/data/web/index.php b/data/web/index.php
index 2bc6e570..3202fb5b 100644
--- a/data/web/index.php
+++ b/data/web/index.php
@@ -69,7 +69,7 @@ $_SESSION['return_to'] = $_SERVER['REQUEST_URI'];
           <?php
           foreach ($MAILCOW_APPS as $app):
           ?>
-            <a href="<?= $app['link']; ?>" role="button" class="btn btn-lg btn-default"><?= $app['name']; ?></a>&nbsp;
+            <a href="<?= htmlspecialchars($app['link']); ?>" role="button" title="<?= htmlspecialchars($app['description']); ?>" class="btn btn-lg btn-default"><?= htmlspecialchars($app['name']); ?></a>&nbsp;
           <?php
           endforeach;
           ?>