Index: modules/user/user.admin.inc
===================================================================
RCS file: /cvs/drupal/drupal/modules/user/user.admin.inc,v
retrieving revision 1.49
diff -u -p -r1.49 user.admin.inc
--- modules/user/user.admin.inc 16 May 2009 20:10:50 -0000 1.49
+++ modules/user/user.admin.inc 19 May 2009 19:21:13 -0000
@@ -716,7 +716,7 @@ function user_admin_role() {
 $form['name'] = array(
 '#type' => 'textfield',
 '#title' => t('Role name'),
- '#default_value' => $role->name,
+ '#default_value' => check_plain($role->name),
 '#size' => 30,
 '#required' => TRUE,
 '#maxlength' => 64,
Index: modules/user/user.module
===================================================================
RCS file: /cvs/drupal/drupal/modules/user/user.module,v
retrieving revision 1.987
diff -u -p -r1.987 user.module
--- modules/user/user.module 16 May 2009 15:23:16 -0000 1.987
+++ modules/user/user.module 19 May 2009 19:21:13 -0000
@@ -2155,14 +2155,14 @@ function user_roles($membersonly = FALSE
 // We only translate the built in role names
 case DRUPAL_ANONYMOUS_RID:
 if (!$membersonly) {
- $roles[$role->rid] = t($role->name);
+ $roles[$role->rid] = check_plain(t($role->name));
 }
 break;
 case DRUPAL_AUTHENTICATED_RID:
- $roles[$role->rid] = t($role->name);
+ $roles[$role->rid] = check_plain(t($role->name));
 break;
 default:
- $roles[$role->rid] = $role->name;
+ $roles[$role->rid] = check_plain($role->name);
 }
 }
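Review bot: The `check_plain()` added to `'#default_value'` in user_admin_role() is likely to double-encode the role name, because Form API textfields already escape their value when rendered (that rendering code is not in this diff, so confirm it first). A role named, say, `R&D` would then show in the edit box as `R&amp;D` and be written back in that encoded form on the next save. If confirmed, keep `'#default_value' => $role->name,` here and escape only where the name is printed as HTML outside a form element. The function body starts and ends outside this hunk.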
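Review bot: Escaping inside user_roles() changes what every caller receives, and the three changed assignments add no comment saying the returned names are now HTML-encoded. Callers that pass the array to a form element which escapes its own options, or that compare or store the names, would end up with entity-encoded text such as `&amp;`; those callers are outside this diff and need checking. Either escape at the places that print role names, or document the new contract above the switch, e.g. `// Role names are returned check_plain()'d; do not escape them again.` The function starts and ends outside the hunk.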