diff --git a/CHANGELOG.md b/CHANGELOG.md
index ee0caac..62053dd 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -18,6 +18,7 @@ Add your changes below.
 - Fixed dead link in README.md
 - Corrected Spotify/Spotipy typo in documentation
+- Sanitize HTML error message output for OAuth flow
 ### Removed
diff --git a/spotipy/oauth2.py b/spotipy/oauth2.py
index 23e3faf..60f00b9 100644
--- a/spotipy/oauth2.py
+++ b/spotipy/oauth2.py
@@ -8,6 +8,7 @@ __all__ = [
 ]
 import base64
+import html
 import logging
 import os
 import time
@@ -1252,7 +1253,7 @@ class RequestHandler(BaseHTTPRequestHandler):
         if self.server.auth_code:
             status = "successful"
         elif self.server.error:
-            status = f"failed ({self.server.error})"
+            status = f"failed ({html.escape(str(self.server.error))})"
         else:
             self._write("

Invalid request

")
             return
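Review bot: The escaping is applied where `status` is assigned rather than where `status` is written into the HTML response, so the rendering code (outside this hunk) now silently depends on every producer of that string having escaped it already; the `"successful"` branch is a literal today, but any future branch that interpolates another `self.server` attribute into `status` would not be covered. Consider moving `html.escape` to the `self._write(...)` call that embeds `status`, or, if the assignment site is kept, adding `# escaped: error text is reflected into the HTML response written below` so the intent survives a refactor; `html.escape` with its default `quote=True` is also safe should `status` ever land inside an attribute. A regression test that sets `server.error` to a value containing markup characters and asserts the entity-encoded form in the response would pin the fix. The enclosing method of RequestHandler starts and ends outside the hunk, and the page template that consumes `status` is not visible here, so where the value originates (presumably the callback request's query string) is inferred.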