diff --git a/src/SemanticsEnforcer.ts b/src/SemanticsEnforcer.ts
index 16103ab53..397bfe1fe 100644
--- a/src/SemanticsEnforcer.ts
+++ b/src/SemanticsEnforcer.ts
@@ -1,5 +1,5 @@
 import sanitizeHtml from 'sanitize-html';
-import { escape } from 'html-escaper';
+import { escape, unescape } from 'html-escaper';
 import { ContentScanner } from './ContentScanner';
 import LibraryManager from './LibraryManager';
@@ -242,7 +242,9 @@ export default class SemanticsEnforcer {
 } else {
 log.debug('Filtering out all HTML tags');
 // Escape all HTML tags if the field doesn't allow HTML in general.
- newText = escape(newText);
+ // We avoid double escaping like & becoming & by
+ // unescaping first.
+ newText = escape(unescape(newText));
 }
 // Check if string has the required length
diff --git a/test/SemanticsEnforcer.text.test.ts b/test/SemanticsEnforcer.text.test.ts
index f31f81700..3fb883238 100644
--- a/test/SemanticsEnforcer.text.test.ts
+++ b/test/SemanticsEnforcer.text.test.ts
@@ -97,6 +97,14 @@ describe('SemanticsEnforcer', () => {
 await compare('Hello world!', 'Hello world!');
 });
+ it("doesn't escape already escaped text.", async () => {
+ await compare('Hello & world!', 'Hello & world!');
+ });
+
+ it('escapes dangerous characters in simple text', async () => {
+ await compare('Hello & world!', 'Hello & world!');
+ });
+
 it("strips html tags from text that doesn't allow html", async () => {
 await compare(
 'Hello world!',
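Review bot: The new `escape(unescape(newText))` on the replaced line keeps the output safe because escape runs last and re-encodes anything unescape produces, but it makes this branch lossy: a value whose submitted text literally contains an entity sequence such as `&amp;` is now normalised to the single-escaped form instead of being escaped again, so the stored text no longer round-trips to what was submitted. That is presumably the intended trade-off, yet the added comment does not state it and, as it reads here ("& becoming &"), does not describe the case at all, so I would replace the two comment lines with `// Input may already be HTML-escaped; unescape first so that escape() is idempotent. Literal entity text in the input is intentionally collapsed to its single-escaped form.` Note also that html-escaper's unescape only recognises a small fixed set of entities (as far as I recall amp/lt/gt/apos/quot and their decimal numeric forms), so other references such as hex numeric ones would still be double-escaped, which is worth a test next to the two added in the test file. The enclosing method starts and ends outside this hunk.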