diff --git a/application/forms/Dashboard/DashletForm.php b/application/forms/Dashboard/DashletForm.php
index d25001a23..1e31a938d 100644
--- a/application/forms/Dashboard/DashletForm.php
+++ b/application/forms/Dashboard/DashletForm.php
@@ -77,7 +77,21 @@ class DashletForm extends Form
             array(
                 'required'      => true,
                 'label'         => $this->translate('Dashlet Title'),
-                'description'   => $this->translate('Enter a title for the dashlet.')
+                'description'   => $this->translate('Enter a title for the dashlet.'),
+                'validators'    =>  array(
+                    array(
+                        'Regex',
+                        false,
+                        array(
+                            'pattern'  => '/^[^\\[\\]]+$/',
+                            'messages' => array(
+                                'regexNotMatch' => $this->translate(
+                                    'The name cannot contain \'[\' or \']\'.'
+                                )
+                            )
+                        )
+                    )
+                )
             )
         );
         $this->addElement(
diff --git a/library/Icinga/File/Ini/IniEditor.php b/library/Icinga/File/Ini/IniEditor.php
index 349fe5a79..6878e4166 100644
--- a/library/Icinga/File/Ini/IniEditor.php
+++ b/library/Icinga/File/Ini/IniEditor.php
@@ -2,6 +2,7 @@
 /* Icinga Web 2 | (c) 2013-2015 Icinga Development Team | GPLv2+ */
 
 namespace Icinga\File\Ini;
+use Icinga\Exception\ConfigurationError;
 
 /**
  * Edit the sections and keys of an ini in-place
@@ -176,6 +177,9 @@ class IniEditor
      */
     public function setSection($section, $extend = null)
     {
+        if (false !== strpos($section, '[') || false !== strpos($section, ']')) {
+            throw new ConfigurationError('Brackets not allowed in section: %s', $section);
+        }
         if (isset($extend)) {
             $decl = '[' . $section . ' : ' . $extend . ']';
         } else {