diff --git a/inc/supplier.class.php b/inc/supplier.class.php
index 12fab7a7dc..39b1d1f996 100644
--- a/inc/supplier.class.php
+++ b/inc/supplier.class.php
@@ -35,6 +35,8 @@
     die("Sorry. You can't access this file directly");
 }
 
+use Glpi\Toolbox\URL;
+
 /**
  * Supplier class (suppliers)
  **/
@@ -459,14 +461,17 @@ public function getLinks($withname = false)
         $ret = '&nbsp;&nbsp;&nbsp;&nbsp;';
 
         if ($withname) {
-            $ret .= $this->fields["name"];
+            $ret .= htmlspecialchars((string) $this->fields["name"], ENT_QUOTES, 'UTF-8');
             $ret .= "&nbsp;&nbsp;";
         }
 
         if (!empty($this->fields['website'])) {
-            $ret .= "<a href='" . Toolbox::formatOutputWebLink($this->fields['website']) . "' target='_blank'>
-                  <img src='" . $CFG_GLPI["root_doc"] . "/pics/web.png' class='middle' alt=\"" .
-               __s('Web') . "\" title=\"" . __s('Web') . "\"></a>&nbsp;&nbsp;";
+            $website_url = URL::sanitizeURL(Toolbox::formatOutputWebLink($this->fields['website']));
+            if ($website_url !== '') {
+                $ret .= "<a href='" . htmlspecialchars($website_url, ENT_QUOTES, 'UTF-8') . "' target='_blank'>
+                      <img src='" . $CFG_GLPI["root_doc"] . "/pics/web.png' class='middle' alt=\"" .
+                   __s('Web') . "\" title=\"" . __s('Web') . "\"></a>&nbsp;&nbsp;";
+            }
         }
 
         if ($this->can($this->fields['id'], READ)) {
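Review bot: The anchor built for the supplier website still uses `target='_blank'` with no `rel` attribute, so a supplier-supplied page is opened with the referrer and, in browsers that do not default to noopener, a `window.opener` handle back to the GLPI tab. Extend the attribute list to `"' target='_blank' rel='noopener noreferrer'>`. In the same string, `$CFG_GLPI["root_doc"]` is concatenated into the `src` attribute unescaped while the neighbouring values are now encoded; passing it through `htmlspecialchars($CFG_GLPI["root_doc"], ENT_QUOTES, 'UTF-8')` would keep the whole tag consistent. It is also worth confirming that `$this->fields["name"]` is not already entity-encoded when it reaches this point, since `htmlspecialchars()` double-encodes by default. getLinks() starts before and continues after this hunk, so how `$ret` is finally emitted is not visible here.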