diff --git a/spec/features/debates_spec.rb b/spec/features/debates_spec.rb
index e06872416..ca926400d 100644
--- a/spec/features/debates_spec.rb
+++ b/spec/features/debates_spec.rb
@@ -45,6 +45,23 @@ feature 'Debates' do
     expect(page).to have_content I18n.l(Date.today)
   end
 
+  scenario 'JS injection is sanitized' do
+    author = create(:user)
+    login_as(author)
+
+    visit new_debate_path
+    fill_in 'debate_title', with: 'A test'
+    fill_in 'debate_description', with: 'This is '
+    check 'debate_terms_of_service'
+
+    click_button 'Create Debate'
+
+    expect(page).to have_content 'Debate was successfully created.'
+    expect(page).to have_content 'A test'
+    expect(page).to have_content 'This is alert("an attack");'
+    expect(page.html).to_not include ''
+  end
+
   scenario 'Update should not be posible if logged user is not the author' do
     debate = create(:debate)
     expect(debate).to be_editable
diff --git a/spec/models/debate_spec.rb b/spec/models/debate_spec.rb
index 91797cb71..2510c7ec1 100644
--- a/spec/models/debate_spec.rb
+++ b/spec/models/debate_spec.rb
@@ -25,6 +25,12 @@ describe Debate do
     expect(@debate).to_not be_valid
   end
 
+  it "should sanitize the description" do
+    @debate.description = ""
+    @debate.valid?
+    expect(@debate.description).to eq("alert('danger');")
+  end
+
   it "should not be valid without accepting terms of service" do
     @debate.terms_of_service = nil
     expect(@debate).to_not be_valid
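Review bot: The new scenario exercises a single payload — a script element whose tag text appears to have been lost in this rendering, leaving `'This is '` and `'This is alert("an attack");'` — so a description carrying an event-handler attribute or a `javascript:` URL is not covered even though those bypass naive script-tag stripping just as well; add a second `fill_in 'debate_description', with: '<img src=x onerror=alert(1)>'` case and assert `page.html` does not include `onerror`. As written, the last line reads `expect(page.html).to_not include ''`, and `include ''` matches every string, so that negation always fails; confirm the committed file still names the `<script>` tag there. Because `page.html` is the rendered output, asserting on `Debate.last.description` as well would show whether the stripping happened in the model or only in the view. The enclosing `feature 'Debates'` block starts before the hunk.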
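Review bot: The assertion pins sanitization to `@debate.valid?`, which ties the guarantee to a validation-time callback and leaves writes that skip validation (`save(validate: false)`, `update_column`) untested; add an example that assigns the payload, calls `@debate.save` and `reload`, and asserts the persisted `description` is stripped. The example also covers only a script element (the tag text seems lost here, leaving `@debate.description = ""`); a second case such as `@debate.description = "<a href=\"javascript:alert(1)\">x</a>"` expecting the `href` to be removed would catch the other common vector. The expected value `"alert('danger');"` shows the script body kept as inert text rather than escaped, which deserves a comment such as `# tags are stripped, not escaped; the now-inert text body is kept` so the intent is explicit. `@debate` is assigned outside the hunk, presumably in a `before` block.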