diff --git a/lib/brakeman/processors/erubis_template_processor.rb b/lib/brakeman/processors/erubis_template_processor.rb
index 8c79339e6913eff9c382e23f8c1ae45bd1a383f1..61550c724c7342beca1421041a74c0d1d83f8c76 100644
--- a/lib/brakeman/processors/erubis_template_processor.rb
+++ b/lib/brakeman/processors/erubis_template_processor.rb
@@ -80,6 +80,11 @@ class Brakeman::ErubisTemplateProcessor < Brakeman::TemplateProcessor
 if arg.node_type == :str
 ignore
+ elsif exp.method == :safe_append=
+ s = Sexp.new :output, arg
+ s.line(exp.line)
+ @current_template[:outputs] << s
+ s
 else
 s = Sexp.new :escaped_output, arg
 s.line(exp.line)
diff --git a/test/apps/rails4/app/views/users/index.html.erb b/test/apps/rails4/app/views/users/index.html.erb
index 72cc8f90c4d6c79f8958d01d6f2c733f5b4bd493..73fbdcdca14bb92f82bd51cd40bbb58f28dd88a8 100644
--- a/test/apps/rails4/app/views/users/index.html.erb
+++ b/test/apps/rails4/app/views/users/index.html.erb
@@ -13,3 +13,5 @@
 <%= number_to_percentage(params[:cost], negative_format: params[:format]) %>
 <%= render Thing.new(content: render(partial: "stuff")) %>
+
+<%== params[:double] %>
 
diff --git a/test/tests/rails4.rb b/test/tests/rails4.rb
index ae6843f6c4a43a5e70addefd0a2214038a282ae5..c8df39ef9dbc927c148ae9ba92d30501075f8bb2 100644
--- a/test/tests/rails4.rb
+++ b/test/tests/rails4.rb
@@ -13,7 +13,7 @@ class Rails4Tests < Test::Unit::TestCase
 @expected ||= {
 :controller => 0,
 :model => 2,
- :template => 3,
+ :template => 4,
 :generic => 58
 }
 end
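Review bot: The new `safe_append=` branch records the expression as unescaped `:output` without a comment saying why, and it duplicates the `else` branch except for the node type. `safe_append=` is presumably what the Rails 4 ERB handler emits for `<%== %>` (the fixture added in this commit uses that syntax), so a one-line comment such as `# <%== %> compiles to safe_append=, which skips HTML escaping; record it as raw output` would make the intent clear to the next reader. The two branches could collapse into one, `type = exp.method == :safe_append= ? :output : :escaped_output` followed by `s = Sexp.new type, arg`, with the remaining three lines shared. The `:str` check on the first context line still runs first, so a literal string inside `<%== %>` is ignored rather than reported, which looks intended. The enclosing method starts and ends outside the hunk.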
@@ -560,6 +560,18 @@ class Rails4Tests < Test::Unit::TestCase
 :user_input => nil
 end
 
+ def test_cross_site_scripting_with_double_equals
+ assert_warning :type => :template,
+ :warning_code => 2,
+ :fingerprint => "046c3a770f455c30aa5e3a49bc1309e6511c142783e2f1d0c0eddcbcef366cef",
+ :warning_type => "Cross Site Scripting",
+ :line => 16,
+ :message => /^Unescaped\ parameter\ value/,
+ :confidence => 0,
+ :relative_path => "app/views/users/index.html.erb",
+ :user_input => nil
+ end
+
 def test_xss_haml_line_number
 assert_warning :type => :template,
 :warning_code => 2,