diff --git a/erpnext/patches/v11_0/update_total_qty_field.py b/erpnext/patches/v11_0/update_total_qty_field.py
index 992454ac7c..51358e9545 100644
--- a/erpnext/patches/v11_0/update_total_qty_field.py
+++ b/erpnext/patches/v11_0/update_total_qty_field.py
@@ -40,7 +40,7 @@ def execute():
 			# This is probably never used anywhere else as of now, but should be
 			values = []
 			for d in batch_transactions:
-				values.append("('{}', {})".format(d.parent, d.qty))
+				values.append("('{}', {})".format(frappe.db.escape(d.parent), d.qty))
 			conditions = ",".join(values)
 			frappe.db.sql("""
 				INSERT INTO `tab{}` (name, total_qty) VALUES {}