diff --git a/CHANGELOG.md b/CHANGELOG.md
index 4da43598..b8bb699e 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,21 @@
+<a name="1.19.3"></a>
+## [1.19.3](https://github.com/Rebilly/ReDoc/compare/v1.19.2...v1.19.3) (2017-11-16)
+
+
+### Bug Fixes
+
+* html characters not escaped in code blocks (fixes [#378](https://github.com/Rebilly/ReDoc/issues/378)) ([fef9ec4](https://github.com/Rebilly/ReDoc/commit/fef9ec4))
+
+
+<a name="1.19.2"></a>
+## [1.19.2](https://github.com/Rebilly/ReDoc/compare/v1.19.1...v1.19.2) (2017-11-10)
+
+
+### Bug Fixes
+
+* response samples doesn't show only text/plain (fixes [#371](https://github.com/Rebilly/ReDoc/issues/371)) ([00aea06](https://github.com/Rebilly/ReDoc/commit/00aea06))
+
+
 <a name="1.19.1"></a>
 # [1.19.1](https://github.com/Rebilly/ReDoc/compare/v1.19.0...v1.19.1) (2017-10-02)
 
diff --git a/lib/utils/md-renderer.ts b/lib/utils/md-renderer.ts
index 9e2c890c..1fe16d1a 100644
--- a/lib/utils/md-renderer.ts
+++ b/lib/utils/md-renderer.ts
@@ -5,6 +5,13 @@ import * as slugify from 'slugify';
 import * as Remarkable from 'remarkable';
 import { StringMap } from './';
 
+function HTMLescape(html: string): string {
+  return document.createElement('div')
+    .appendChild(document.createTextNode(html))
+    .parentElement
+    .innerHTML;
+}
+
 declare var Prism: any;
 const md = new Remarkable({
   html: true,
@@ -15,7 +22,7 @@ const md = new Remarkable({
     if (lang === 'json') lang = 'js';
     let grammar = Prism.languages[lang];
     // fallback to click
-    if (!grammar) return str;
+    if (!grammar) return HTMLescape(str);
     return Prism.highlight(str, grammar);
   }
 });
diff --git a/package.json b/package.json
index 969dff06..f2d5a7ec 100644
--- a/package.json
+++ b/package.json
@@ -1,7 +1,7 @@
 {
   "name": "redoc",
   "description": "Swagger-generated API Reference Documentation",
-  "version": "1.19.2",
+  "version": "1.19.3",
   "repository": {
     "type": "git",
     "url": "git://github.com/Rebilly/ReDoc"