diff --git a/src/rss_parser.py b/src/rss_parser.py
index d2f7844e..f657ead2 100644
--- a/src/rss_parser.py
+++ b/src/rss_parser.py
@@ -60,7 +60,7 @@ def modify_feed(self, feed_content: str, slug: str) -> str:
         channel = feed.feed
         lines.append(f'<title>{channel.get("title", "")}</title>')
         lines.append(f'<link>{channel.get("link", "")}</link>')
-        lines.append(f'<description>{channel.get("description", "")}</description>')
+        lines.append(f'<description>{self._escape_xml(channel.get("description", ""))}</description>')
         lines.append(f'<language>{channel.get("language", "en")}</language>')
 
         # Mark as private feed for personal use only
@@ -68,9 +68,9 @@ def modify_feed(self, feed_content: str, slug: str) -> str:
 
         if 'image' in channel:
             lines.append(f'<image>')
-            lines.append(f'  <url>{channel.image.get("href", "")}</url>')
+            lines.append(f'  <url>{self._escape_xml(channel.image.get("href", ""))}</url>')
             lines.append(f'  <title>{channel.image.get("title", "")}</title>')
-            lines.append(f'  <link>{channel.image.get("link", "")}</link>')
+            lines.append(f'  <link>{self._escape_xml(channel.image.get("link", ""))}</link>')
             lines.append(f'</image>')
 
         # Process each episode
@@ -93,7 +93,7 @@ def modify_feed(self, feed_content: str, slug: str) -> str:
             lines.append('<item>')
             lines.append(f'  <title>{self._escape_xml(entry.get("title", ""))}</title>')
             lines.append(f'  <description>{self._escape_xml(entry.get("description", ""))}</description>')
-            lines.append(f'  <link>{entry.get("link", "")}</link>')
+            lines.append(f'  <link>{self._escape_xml(entry.get("link", ""))}</link>')
             lines.append(f'  <guid>{entry.get("id", episode_url)}</guid>')
             lines.append(f'  <pubDate>{entry.get("published", "")}</pubDate>')