diff --git a/modules/Vtiger/views/Popup.php b/modules/Vtiger/views/Popup.php
index c64ddc132d6de59129a82a43777c70854b2ea9b7..ae275249ebf6def7ad4451fcbc30cfc3e0e5fe94 100644
--- a/modules/Vtiger/views/Popup.php
+++ b/modules/Vtiger/views/Popup.php
@@ -180,8 +180,8 @@ class Vtiger_Popup_View extends Vtiger_Footer_View {
 			foreach ($searchParams as $fieldListGroup) {
 				foreach ($fieldListGroup as $fieldSearchInfo) {
 					$fieldModel = $moduleFields[$fieldSearchInfo[0]];
-					$tableName = $fieldModel->get('table');
-					$column = $fieldModel->get('column');
+					$tableName = Vtiger_Util_Helper::validateStringForSql($fieldModel->get('table'));
+					$column = Vtiger_Util_Helper::validateStringForSql($fieldModel->get('column'));
 					$whereCondition[$fieldSearchInfo[0]] = array($tableName.'.'.$column, $fieldSearchInfo[1], $fieldSearchInfo[2]);
 				}
 			}