Index: media.php
===================================================================
--- media.php	(revision 11086)
+++ media.php	(working copy)
@@ -684,7 +684,7 @@
 		if ( $captiontag && trim($attachment->post_excerpt) ) {
 			$output .= "
 				<{$captiontag} class='gallery-caption'>
-				{$attachment->post_excerpt}
+				{" . wp_specialchars($attachment->post_excerpt) . "}
 				</{$captiontag}>";
 		}
 		$output .= "</{$itemtag}>";
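Review bot: The added caption line keeps the old interpolation braces, but once the string is closed before the call, `{` and `}` are no longer PHP's `{$...}` syntax and are emitted literally, so every caption would render wrapped in braces. Drop them so that only the escaped text is concatenated: `" . wp_specialchars($attachment->post_excerpt) . "`. The escaping itself suits this context, since the value lands in element content rather than in an attribute. Separately, `$captiontag` and `$itemtag` are interpolated into tag names in the same string; their assignment is outside this hunk, so it is worth confirming they are limited to known tag names before reaching this code.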
