diff --git a/Theme/Backend/qa-dashboard.tpl.php b/Theme/Backend/qa-dashboard.tpl.php
index 008c245..5e59b19 100644
--- a/Theme/Backend/qa-dashboard.tpl.php
+++ b/Theme/Backend/qa-dashboard.tpl.php
@@ -9,15 +9,15 @@ echo $this->getData('nav')->render(); ?>
             <div class="inner">
                 <div class="row middle-xs">
                     <div class="col-xs-1 scores">
-                        <span class="score<?= $question->hasAccepted() ? ' done' : ''; ?>"><?= count($question->getAnswers()); ?></span>
+                        <span class="score<?= htmlspecialchars($question->hasAccepted() ? ' done' : '', ENT_COMPAT, 'utf-8'); ?>"><?= htmlspecialchars(count($question->getAnswers()), ENT_COMPAT, 'utf-8'); ?></span>
                     </div>
                     <div class="title col-xs-11">
-                        <a href="<?= \phpOMS\Uri\UriFactory::build('{/base}/{/lang}/backend/qa/question?{?}&id=' . $question->getId()) ?>"><?= $question->getName(); ?></a>
+                        <a href="<?= \phpOMS\Uri\UriFactory::build('{/base}/{/lang}/backend/qa/question?{?}&id=' . $question->getId()) , ENT_COMPAT, 'utf-8'); ?>"><?= htmlspecialchars($question->getName(); ?></a>
                     </div>
                 </div>
                 <div class="tags">
                 <?php $badges = $question->getBadges(); foreach($badges as $badge) : ?>
-                    <span class="tag red"><?= $badge->getName(); ?></span>
+                    <span class="tag red"><?= htmlspecialchars($badge->getName(), ENT_COMPAT, 'utf-8'); ?></span>
                 <?php endforeach; ?>
                 </div>
             </div>
diff --git a/Theme/Backend/qa-question.tpl.php b/Theme/Backend/qa-question.tpl.php
index 452e41d..034fdf5 100644
--- a/Theme/Backend/qa-question.tpl.php
+++ b/Theme/Backend/qa-question.tpl.php
@@ -8,9 +8,9 @@ echo $this->getData('nav')->render();
 <div class="row">
     <div class="col-xs-12">
         <section class="box wf-100">
-            <header><h1><?= $question->getName(); ?></h1></header>
+            <header><h1><?= htmlspecialchars($question->getName(), ENT_COMPAT, 'utf-8'); ?></h1></header>
             <div class="inner">
-                <?= $question->getQuestion(); ?>
+                <?= htmlspecialchars($question->getQuestion(), ENT_COMPAT, 'utf-8'); ?>
             </div>
         </section>
     </div>
@@ -21,7 +21,7 @@ echo $this->getData('nav')->render();
     <div class="col-xs-12">
         <section class="box wf-100">
             <div class="inner">
-                <?= $answer->getAnswer(); ?><?= $answer->getCreatedAt()->format('Y-m-d'); ?><?= $answer->getCreatedBy(); ?><?= $answer->getStatus(); ?><?= $answer->isAccepted(); ?>
+                <?= htmlspecialchars($answer->getAnswer(), ENT_COMPAT, 'utf-8'); ?><?= htmlspecialchars($answer->getCreatedAt()->format('Y-m-d'), ENT_COMPAT, 'utf-8'); ?><?= htmlspecialchars($answer->getCreatedBy(), ENT_COMPAT, 'utf-8'); ?><?= htmlspecialchars($answer->getStatus(), ENT_COMPAT, 'utf-8'); ?><?= htmlspecialchars($answer->isAccepted(), ENT_COMPAT, 'utf-8'); ?>
             </div>
         </section>
     </div>
diff --git a/Theme/Backend/qa-tag-list.tpl.php b/Theme/Backend/qa-tag-list.tpl.php
index 3228ddd..c40c41b 100644
--- a/Theme/Backend/qa-tag-list.tpl.php
+++ b/Theme/Backend/qa-tag-list.tpl.php
@@ -25,22 +25,22 @@ echo $this->getData('nav')->render();
     <div class="col-xs-12">
         <div class="box wf-100">
             <table class="table red">
-                <caption><?= $this->getText('Groups'); ?></caption>
+                <caption><?= $this->getHtml('Groups') ?></caption>
                 <thead>
                 <tr>
-                    <td><?= $this->getText('ID', 0, 0); ?>
-                    <td class="wf-100"><?= $this->getText('Name'); ?>
+                    <td><?= $this->getHtml('ID', 0, 0); ?>
+                    <td class="wf-100"><?= $this->getHtml('Name') ?>
                         <tfoot>
                 <tr><td colspan="2">
                         <tbody>
                         <?php $c = 0; foreach ($tags as $key => $value) : $c++;
                         $url = \phpOMS\Uri\UriFactory::build('{/base}/{/lang}/backend/admin/account/settings?{?}&id=' . $value->getId()); ?>
                 <tr data-href="<?= $url; ?>">
-                    <td><a href="<?= $url; ?>"><?= $value->getId(); ?></a>
-                    <td><a href="<?= $url; ?>"><?= $value->getName(); ?></a>
+                    <td><a href="<?= $url; ?>"><?= htmlspecialchars($value->getId(), ENT_COMPAT, 'utf-8'); ?></a>
+                    <td><a href="<?= $url; ?>"><?= htmlspecialchars($value->getName(), ENT_COMPAT, 'utf-8'); ?></a>
                         <?php endforeach; ?>
                         <?php if($c === 0) : ?>
-                        <tr><td colspan="2" class="empty"><?= $this->getText('Empty', 0, 0); ?>
+                        <tr><td colspan="2" class="empty"><?= $this->getHtml('Empty', 0, 0); ?>
                                 <?php endif; ?>
             </table>
         </div>

getText('ID', 0, 0); ?> -	getText('Name'); ?> +	getHtml('ID', 0, 0); ?> +	getHtml('Name') ?>

getId(); ?> -	getName(); ?> +	getId(), ENT_COMPAT, 'utf-8'); ?> +	getName(), ENT_COMPAT, 'utf-8'); ?> -
getText('Empty', 0, 0); ?> +
getHtml('Empty', 0, 0); ?>