diff --git a/components/ILIAS/LTIConsumer/classes/class.ilLTIConsumeProviderList.php b/components/ILIAS/LTIConsumer/classes/class.ilLTIConsumeProviderList.php
index d7320a65df4e..1da991a39aa9 100755
--- a/components/ILIAS/LTIConsumer/classes/class.ilLTIConsumeProviderList.php
+++ b/components/ILIAS/LTIConsumer/classes/class.ilLTIConsumeProviderList.php
@@ -1,7 +1,5 @@ getId();
- $tblRow['title'] = $provider->getTitle();
- $tblRow['description'] = $provider->getDescription();
+ $tblRow['title'] = htmlspecialchars($provider->getTitle());
+ $tblRow['description'] = htmlspecialchars($provider->getDescription());
 $tblRow['category'] = $provider->getCategory();
 $tblRow['keywords'] = $this->getKeywordsFormatted($provider->getKeywordsArray());
 $tblRow['outcome'] = $provider->getHasOutcome();
diff --git a/components/ILIAS/LTIConsumer/ltiregstart.php b/components/ILIAS/LTIConsumer/ltiregstart.php
index e6271689e1ed..2e1022d07ec1 100755
--- a/components/ILIAS/LTIConsumer/ltiregstart.php
+++ b/components/ILIAS/LTIConsumer/ltiregstart.php
@@ -24,11 +24,8 @@ ilInitialisation::initILIAS();
 global $DIC;
-if (strtoupper($DIC->http()->request()->getMethod()) !== "GET") {
- $DIC->http()->saveResponse(
- $DIC->http()->response()
- ->withStatus(400)
- );
+if (!$DIC->user()->getId() || $DIC->user()->getId() === ANONYMOUS_USER_ID) {
+ ilObjLTIConsumer::sendResponseError(401, "unauthorized");
 }
 $params = $DIC->http()->wrapper()->query();
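Review bot: In class.ilLTIConsumeProviderList.php the `category` and `keywords` cells of the same row are still assigned unescaped, while only `title` and `description` are wrapped in `htmlspecialchars()`. Keywords pass through `getKeywordsFormatted()`, whose body is not in the hunk, so it should be confirmed that it encodes each keyword; if it does not, provider-supplied markup can still reach the table through that cell. Passing the flags explicitly, e.g. `htmlspecialchars((string) $provider->getTitle(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`, would make the encoding independent of the PHP version's defaults and safe should getTitle() ever return null. The enclosing method starts and ends outside the hunk, so whether the table renderer escapes these values a second time (double encoding) cannot be judged from here.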
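Review bot: In ltiregstart.php the new guard compares `$DIC->user()->getId() === ANONYMOUS_USER_ID` strictly, and the constant's type is not visible here; if it is defined as a string while getId() returns an int, the anonymous account passes the check. `if ($DIC->user()->isAnonymous() || !$DIC->user()->getId()) {` avoids depending on that. The guard also only protects the code below if `ilObjLTIConsumer::sendResponseError()` ends the request, which the hunk does not show; an explicit `exit;` after the call would make that independent of the helper. The commit also drops the previous HTTP-method check without a replacement, so the description should state whether non-GET requests are now meant to be accepted. The script continues past the end of the hunk.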