diff --git a/Theme/Backend/category-list.tpl.php b/Theme/Backend/category-list.tpl.php
index cc9c0c8..51d9883 100644
--- a/Theme/Backend/category-list.tpl.php
+++ b/Theme/Backend/category-list.tpl.php
@@ -19,22 +19,22 @@ echo $this->getData('nav')->render(); ?>
     <div class="col-xs-12">
         <div class="box wf-100">
             <table class="table red">
-                <caption><?= $this->getText('Causes'); ?></caption>
+                <caption><?= $this->getHtml('Causes') ?></caption>
                 <thead>
                 <tr>
-                    <td><?= $this->getText('ID', 0, 0); ?>
-                    <td class="wf-100"><?= $this->getText('Title'); ?>
+                    <td><?= $this->getHtml('ID', 0, 0); ?>
+                    <td class="wf-100"><?= $this->getHtml('Title') ?>
                         <tfoot>
                 <tr><td colspan="3">
                         <tbody>
                         <?php $c = 0; foreach ($categories as $key => $value) : $c++;
                         $url = \phpOMS\Uri\UriFactory::build('{/base}/{/lang}/backend/riskmanagement/category/single?{?}&id=' . $value->getId()); ?>
                 <tr data-href="<?= $url; ?>">
-                    <td><a href="<?= $url; ?>"><?= $value->getId(); ?></a>
-                    <td><a href="<?= $url; ?>"><?= $value->getTitle(); ?></a>
+                    <td><a href="<?= $url; ?>"><?= htmlspecialchars($value->getId(), ENT_COMPAT, 'utf-8'); ?></a>
+                    <td><a href="<?= $url; ?>"><?= htmlspecialchars($value->getTitle(), ENT_COMPAT, 'utf-8'); ?></a>
                         <?php endforeach; ?>
                         <?php if($c === 0) : ?>
-                        <tr><td colspan="3" class="empty"><?= $this->getText('Empty', 0, 0); ?>
+                        <tr><td colspan="3" class="empty"><?= $this->getHtml('Empty', 0, 0); ?>
                                 <?php endif; ?>
             </table>
         </div>
diff --git a/Theme/Backend/cause-list.tpl.php b/Theme/Backend/cause-list.tpl.php
index c6ff143..65affde 100644
--- a/Theme/Backend/cause-list.tpl.php
+++ b/Theme/Backend/cause-list.tpl.php
@@ -19,24 +19,24 @@ echo $this->getData('nav')->render(); ?>
     <div class="col-xs-12">
         <div class="box wf-100">
             <table class="table red">
-                <caption><?= $this->getText('Causes'); ?></caption>
+                <caption><?= $this->getHtml('Causes') ?></caption>
                 <thead>
                 <tr>
-                    <td><?= $this->getText('ID', 0, 0); ?>
-                    <td class="wf-100"><?= $this->getText('Title'); ?>
-                    <td><?= $this->getText('Risk'); ?>
+                    <td><?= $this->getHtml('ID', 0, 0); ?>
+                    <td class="wf-100"><?= $this->getHtml('Title') ?>
+                    <td><?= $this->getHtml('Risk') ?>
                         <tfoot>
                 <tr><td colspan="3">
                         <tbody>
                         <?php $c = 0; foreach ($causes as $key => $value) : $c++;
                         $url = \phpOMS\Uri\UriFactory::build('{/base}/{/lang}/backend/riskmanagement/cause/single?{?}&id=' . $value->getId()); ?>
                 <tr data-href="<?= $url; ?>">
-                    <td><a href="<?= $url; ?>"><?= $value->getId(); ?></a>
-                    <td><a href="<?= $url; ?>"><?= $value->getTitle(); ?></a>
-                    <td><a href="<?= $url; ?>"><?= $value->getRisk()->getName(); ?></a>
+                    <td><a href="<?= $url; ?>"><?= htmlspecialchars($value->getId(), ENT_COMPAT, 'utf-8'); ?></a>
+                    <td><a href="<?= $url; ?>"><?= htmlspecialchars($value->getTitle(), ENT_COMPAT, 'utf-8'); ?></a>
+                    <td><a href="<?= $url; ?>"><?= htmlspecialchars($value->getRisk()->getName(), ENT_COMPAT, 'utf-8'); ?></a>
                         <?php endforeach; ?>
                         <?php if($c === 0) : ?>
-                        <tr><td colspan="3" class="empty"><?= $this->getText('Empty', 0, 0); ?>
+                        <tr><td colspan="3" class="empty"><?= $this->getHtml('Empty', 0, 0); ?>
                                 <?php endif; ?>
             </table>
         </div>
diff --git a/Theme/Backend/cockpit.tpl.php b/Theme/Backend/cockpit.tpl.php
index 7e14c75..ca3c709 100644
--- a/Theme/Backend/cockpit.tpl.php
+++ b/Theme/Backend/cockpit.tpl.php
@@ -29,31 +29,31 @@ echo $this->getData('nav')->render(); ?>
     <div class="col-xs-12 col-md-9">
         <div class="box wf-100">
             <table class="table red">
-                <caption><?= $this->getText('TopRisks'); ?></caption>
+                <caption><?= $this->getHtml('TopRisks') ?></caption>
                 <thead>
                 <tr>
-                    <td><?= $this->getText('Severity'); ?>
-                    <td class="wf-100"><?= $this->getText('Name'); ?>
-                    <td><?= $this->getText('Department'); ?>
-                    <td><?= $this->getText('Category'); ?>
-                    <td><?= $this->getText('Process'); ?>
-                    <td><?= $this->getText('Project'); ?>
-                    <td><?= $this->getText('Unit'); ?>
+                    <td><?= $this->getHtml('Severity') ?>
+                    <td class="wf-100"><?= $this->getHtml('Name') ?>
+                    <td><?= $this->getHtml('Department') ?>
+                    <td><?= $this->getHtml('Category') ?>
+                    <td><?= $this->getHtml('Process') ?>
+                    <td><?= $this->getHtml('Project') ?>
+                    <td><?= $this->getHtml('Unit') ?>
                 <tfoot>
-                <tr><td colspan="6"><?= $footerView->render(); ?>
+                <tr><td colspan="6"><?= htmlspecialchars($footerView->render(), ENT_COMPAT, 'utf-8'); ?>
                 <tbody>
                 <?php $c = 0; foreach ([] as $key => $value) : $c++;
                 $url = \phpOMS\Uri\UriFactory::build('{/base}/{/lang}/backend/admin/group/settings?{?}&id=' . $value->getId()); ?>
                 <tr>
-                    <td><a href="<?= $url; ?>"><?= $value->getId(); ?></a>
-                    <td><a href="<?= $url; ?>"><?= $value->getName(); ?></a>
+                    <td><a href="<?= $url; ?>"><?= htmlspecialchars($value->getId(), ENT_COMPAT, 'utf-8'); ?></a>
+                    <td><a href="<?= $url; ?>"><?= htmlspecialchars($value->getName(), ENT_COMPAT, 'utf-8'); ?></a>
                     <td>
                     <td>
                     <td>
                     <td>
                         <?php endforeach; ?>
                         <?php if($c === 0) : ?>
-                <tr><td colspan="7" class="empty"><?= $this->getText('Empty', 0, 0); ?>
+                <tr><td colspan="7" class="empty"><?= $this->getHtml('Empty', 0, 0); ?>
                         <?php endif; ?>
             </table>
         </div>
@@ -62,38 +62,38 @@ echo $this->getData('nav')->render(); ?>
     <div class="col-xs-12 col-md-3">
         <section class="box wf-100">
             <div class="inner">
-                <a class="button" href="<?= \phpOMS\Uri\UriFactory::build('{/base}/{/lang}/backend/controlling/riskmanagement/risk/create'); ?>"><?= $this->getText('NewRisk'); ?></a>
+                <a class="button" href="<?= \phpOMS\Uri\UriFactory::build('{/base}/{/lang}/backend/controlling/riskmanagement/risk/create'); ?>"><?= $this->getHtml('NewRisk') ?></a>
             </div>
         </section>
 
         <section class="box wf-100">
-            <header><h1><?= $this->getText('Statistics'); ?></h1></header>
+            <header><h1><?= $this->getHtml('Statistics') ?></h1></header>
             <div class="inner">
                 <table class="list">
                     <thead>
                     <tr>
-                        <th><?= $this->getText('Risks'); ?>
+                        <th><?= $this->getHtml('Risks') ?>
                         <td>0
                     <tr>
-                        <th><?= $this->getText('Causes'); ?>
+                        <th><?= $this->getHtml('Causes') ?>
                         <td>0
                     <tr>
-                        <th><?= $this->getText('Solutions'); ?>
+                        <th><?= $this->getHtml('Solutions') ?>
                         <td>0
                     <tr>
-                        <th><?= $this->getText('Department'); ?>
+                        <th><?= $this->getHtml('Department') ?>
                         <td>0
                     <tr>
-                        <th><?= $this->getText('Category'); ?>
+                        <th><?= $this->getHtml('Category') ?>
                         <td>0
                     <tr>
-                        <th><?= $this->getText('Process'); ?>
+                        <th><?= $this->getHtml('Process') ?>
                         <td>0
                     <tr>
-                        <th><?= $this->getText('Project'); ?>
+                        <th><?= $this->getHtml('Project') ?>
                         <td>0
                     <tr>
-                        <th><?= $this->getText('Total'); ?>
+                        <th><?= $this->getHtml('Total') ?>
                         <td>0
                 </table>
             </div>
diff --git a/Theme/Backend/department-list.tpl.php b/Theme/Backend/department-list.tpl.php
index d218870..5856462 100644
--- a/Theme/Backend/department-list.tpl.php
+++ b/Theme/Backend/department-list.tpl.php
@@ -19,22 +19,22 @@ echo $this->getData('nav')->render(); ?>
     <div class="col-xs-12">
         <div class="box wf-100">
             <table class="table red">
-                <caption><?= $this->getText('Causes'); ?></caption>
+                <caption><?= $this->getHtml('Causes') ?></caption>
                 <thead>
                 <tr>
-                    <td><?= $this->getText('ID', 0, 0); ?>
-                    <td class="wf-100"><?= $this->getText('Title'); ?>
+                    <td><?= $this->getHtml('ID', 0, 0); ?>
+                    <td class="wf-100"><?= $this->getHtml('Title') ?>
                         <tfoot>
                 <tr><td colspan="3">
                         <tbody>
                         <?php $c = 0; foreach ($departments as $key => $value) : $c++;
                         $url = \phpOMS\Uri\UriFactory::build('{/base}/{/lang}/backend/riskmanagement/department/single?{?}&id=' . $value->getId()); ?>
                 <tr data-href="<?= $url; ?>">
-                    <td><a href="<?= $url; ?>"><?= $value->getId(); ?></a>
-                    <td><a href="<?= $url; ?>"><?= $value->getDepartment()->getName(); ?></a>
+                    <td><a href="<?= $url; ?>"><?= htmlspecialchars($value->getId(), ENT_COMPAT, 'utf-8'); ?></a>
+                    <td><a href="<?= $url; ?>"><?= htmlspecialchars($value->getDepartment()->getName(), ENT_COMPAT, 'utf-8'); ?></a>
                         <?php endforeach; ?>
                         <?php if($c === 0) : ?>
-                        <tr><td colspan="3" class="empty"><?= $this->getText('Empty', 0, 0); ?>
+                        <tr><td colspan="3" class="empty"><?= $this->getHtml('Empty', 0, 0); ?>
                                 <?php endif; ?>
             </table>
         </div>
diff --git a/Theme/Backend/process-list.tpl.php b/Theme/Backend/process-list.tpl.php
index 31de307..c04199c 100644
--- a/Theme/Backend/process-list.tpl.php
+++ b/Theme/Backend/process-list.tpl.php
@@ -19,22 +19,22 @@ echo $this->getData('nav')->render(); ?>
     <div class="col-xs-12">
         <div class="box wf-100">
             <table class="table red">
-                <caption><?= $this->getText('Causes'); ?></caption>
+                <caption><?= $this->getHtml('Causes') ?></caption>
                 <thead>
                 <tr>
-                    <td><?= $this->getText('ID', 0, 0); ?>
-                    <td class="wf-100"><?= $this->getText('Title'); ?>
+                    <td><?= $this->getHtml('ID', 0, 0); ?>
+                    <td class="wf-100"><?= $this->getHtml('Title') ?>
                         <tfoot>
                 <tr><td colspan="3">
                         <tbody>
                         <?php $c = 0; foreach ($processes as $key => $value) : $c++;
                         $url = \phpOMS\Uri\UriFactory::build('{/base}/{/lang}/backend/riskmanagement/process/single?{?}&id=' . $value->getId()); ?>
                 <tr data-href="<?= $url; ?>">
-                    <td><a href="<?= $url; ?>"><?= $value->getId(); ?></a>
-                    <td><a href="<?= $url; ?>"><?= $value->getTitle(); ?></a>
+                    <td><a href="<?= $url; ?>"><?= htmlspecialchars($value->getId(), ENT_COMPAT, 'utf-8'); ?></a>
+                    <td><a href="<?= $url; ?>"><?= htmlspecialchars($value->getTitle(), ENT_COMPAT, 'utf-8'); ?></a>
                         <?php endforeach; ?>
                         <?php if($c === 0) : ?>
-                        <tr><td colspan="3" class="empty"><?= $this->getText('Empty', 0, 0); ?>
+                        <tr><td colspan="3" class="empty"><?= $this->getHtml('Empty', 0, 0); ?>
                                 <?php endif; ?>
             </table>
         </div>
diff --git a/Theme/Backend/project-list.tpl.php b/Theme/Backend/project-list.tpl.php
index 2bd72d6..84a1ca3 100644
--- a/Theme/Backend/project-list.tpl.php
+++ b/Theme/Backend/project-list.tpl.php
@@ -19,22 +19,22 @@ echo $this->getData('nav')->render(); ?>
     <div class="col-xs-12">
         <div class="box wf-100">
             <table class="table red">
-                <caption><?= $this->getText('Causes'); ?></caption>
+                <caption><?= $this->getHtml('Causes') ?></caption>
                 <thead>
                 <tr>
-                    <td><?= $this->getText('ID', 0, 0); ?>
-                    <td class="wf-100"><?= $this->getText('Title'); ?>
+                    <td><?= $this->getHtml('ID', 0, 0); ?>
+                    <td class="wf-100"><?= $this->getHtml('Title') ?>
                         <tfoot>
                 <tr><td colspan="3">
                         <tbody>
                         <?php $c = 0; foreach ($projects as $key => $value) : $c++;
                         $url = \phpOMS\Uri\UriFactory::build('{/base}/{/lang}/backend/riskmanagement/project/single?{?}&id=' . $value->getId()); ?>
                 <tr data-href="<?= $url; ?>">
-                    <td><a href="<?= $url; ?>"><?= $value->getId(); ?></a>
-                    <td><a href="<?= $url; ?>"><?= $value->getProject()->getName(); ?></a>
+                    <td><a href="<?= $url; ?>"><?= htmlspecialchars($value->getId(), ENT_COMPAT, 'utf-8'); ?></a>
+                    <td><a href="<?= $url; ?>"><?= htmlspecialchars($value->getProject()->getName(), ENT_COMPAT, 'utf-8'); ?></a>
                         <?php endforeach; ?>
                         <?php if($c === 0) : ?>
-                        <tr><td colspan="3" class="empty"><?= $this->getText('Empty', 0, 0); ?>
+                        <tr><td colspan="3" class="empty"><?= $this->getHtml('Empty', 0, 0); ?>
                                 <?php endif; ?>
             </table>
         </div>
diff --git a/Theme/Backend/risk-create.tpl.php b/Theme/Backend/risk-create.tpl.php
index b0b120d..2eb7df1 100644
--- a/Theme/Backend/risk-create.tpl.php
+++ b/Theme/Backend/risk-create.tpl.php
@@ -17,11 +17,11 @@ echo $this->getData('nav')->render(); ?>
 <div class="tabular-2">
     <div class="box">
         <ul class="tab-links">
-            <li><label for="c-tab-1"><?= $this->getText('Risk') ?></label>
-            <li><label for="c-tab-2"><?= $this->getText('RiskStatus') ?></label>
-            <li><label for="c-tab-3"><?= $this->getText('RiskObjects') ?></label>
-            <li><label for="c-tab-4"><?= $this->getText('RiskObjectStatus') ?></label>
-            <li><label for="c-tab-5"><?= $this->getText('Solutions') ?></label>
+            <li><label for="c-tab-1"><?= $this->getHtml('Risk'); ?></label>
+            <li><label for="c-tab-2"><?= $this->getHtml('RiskStatus'); ?></label>
+            <li><label for="c-tab-3"><?= $this->getHtml('RiskObjects'); ?></label>
+            <li><label for="c-tab-4"><?= $this->getHtml('RiskObjectStatus'); ?></label>
+            <li><label for="c-tab-5"><?= $this->getHtml('Solutions'); ?></label>
         </ul>
     </div>
     <div class="tab-content">
@@ -30,27 +30,27 @@ echo $this->getData('nav')->render(); ?>
             <div class="row">
                 <div class="col-xs-12 col-md-6">
                     <section class="box wf-100">
-                        <header><h1><?= $this->getText('Risk'); ?></h1></header>
+                        <header><h1><?= $this->getHtml('Risk') ?></h1></header>
 
                         <div class="inner">
                             <form id="fRisk"  method="POST" action="<?= \phpOMS\Uri\UriFactory::build('{/base}/{/lang}/api/controlling/riskmanagement?{?}&csrf={$CSRF}'); ?>">
                                 <table class="layout wf-100">
                                     <tbody>
-                                    <tr><td><label for="iName"><?= $this->getText('Name'); ?></label>
-                                    <tr><td><input type="text" id="iName" name="name" placeholder="&#xf040; <?= $this->getText('Name'); ?>" required>
-                                    <tr><td><label for="iDescription"><?= $this->getText('Description'); ?></label>
+                                    <tr><td><label for="iName"><?= $this->getHtml('Name') ?></label>
+                                    <tr><td><input type="text" id="iName" name="name" placeholder="&#xf040; <?= $this->getHtml('Name') ?>" required>
+                                    <tr><td><label for="iDescription"><?= $this->getHtml('Description') ?></label>
                                     <tr><td><textarea id="iDescription" name="description"></textarea>
-                                    <tr><td><label for="iCategory"><?= $this->getText('Category'); ?></label>
-                                    <tr><td><input type="text" id="iCategory" name="category" placeholder="&#xf040; <?= $this->getText('Category'); ?>">
-                                    <tr><td><label for="iDepartment"><?= $this->getText('Department'); ?></label>
-                                    <tr><td><input type="text" id="iDepartment" name="department" placeholder="&#xf040; <?= $this->getText('Department'); ?>">
-                                    <tr><td><label for="iProcess"><?= $this->getText('Process'); ?></label>
-                                    <tr><td><input type="text" id="iProcess" name="process" placeholder="&#xf040; <?= $this->getText('Process'); ?>">
-                                    <tr><td><label for="iProject"><?= $this->getText('Project'); ?></label>
-                                    <tr><td><input type="text" id="iProject" name="project" placeholder="&#xf040; <?= $this->getText('Project'); ?>">
-                                    <tr><td><label for="iReview"><?= $this->getText('Review'); ?></label>
-                                    <tr><td><input type="datetime-local" id="iReview" name="Review" value="<?= (new \DateTime('NOW'))->format('Y-m-d\TH:i:s') ?>">
-                                    <tr><td><input type="submit" value="<?= $this->getText('Create', 0, 0); ?>">
+                                    <tr><td><label for="iCategory"><?= $this->getHtml('Category') ?></label>
+                                    <tr><td><input type="text" id="iCategory" name="category" placeholder="&#xf040; <?= $this->getHtml('Category') ?>">
+                                    <tr><td><label for="iDepartment"><?= $this->getHtml('Department') ?></label>
+                                    <tr><td><input type="text" id="iDepartment" name="department" placeholder="&#xf040; <?= $this->getHtml('Department') ?>">
+                                    <tr><td><label for="iProcess"><?= $this->getHtml('Process') ?></label>
+                                    <tr><td><input type="text" id="iProcess" name="process" placeholder="&#xf040; <?= $this->getHtml('Process') ?>">
+                                    <tr><td><label for="iProject"><?= $this->getHtml('Project') ?></label>
+                                    <tr><td><input type="text" id="iProject" name="project" placeholder="&#xf040; <?= $this->getHtml('Project') ?>">
+                                    <tr><td><label for="iReview"><?= $this->getHtml('Review') ?></label>
+                                    <tr><td><input type="datetime-local" id="iReview" name="Review" value="<?= htmlspecialchars((new \DateTime('NOW'))->format('Y-m-d\TH:i:s') , ENT_COMPAT, 'utf-8'); ?>">
+                                    <tr><td><input type="submit" value="<?= $this->getHtml('Create', 0, 0); ?>">
                                 </table>
                             </form>
                         </div>
@@ -59,15 +59,15 @@ echo $this->getData('nav')->render(); ?>
             
                 <div class="col-xs-12 col-md-6">
                     <section class="box wf-100">
-                        <header><h1><?= $this->getText('Media'); ?></h1></header>
+                        <header><h1><?= $this->getHtml('Media') ?></h1></header>
 
                         <div class="inner">
                             <form>
                                 <table class="layout wf-100">
                                     <tbody>
-                                    <tr><td colspan="2"><label for="iMedia"><?= $this->getText('Media'); ?></label>
-                                    <tr><td><input type="text" id="iMedia" placeholder="&#xf15b; File"><td><button><?= $this->getText('Select'); ?></button>
-                                    <tr><td colspan="2"><label for="iUpload"><?= $this->getText('Upload'); ?></label>
+                                    <tr><td colspan="2"><label for="iMedia"><?= $this->getHtml('Media') ?></label>
+                                    <tr><td><input type="text" id="iMedia" placeholder="&#xf15b; File"><td><button><?= $this->getHtml('Select') ?></button>
+                                    <tr><td colspan="2"><label for="iUpload"><?= $this->getHtml('Upload') ?></label>
                                     <tr><td><input type="file" id="iUpload" form="fTask"><input form="fTask" type="hidden" name="type"><td>
                                 </table>
                             </form>
@@ -79,17 +79,17 @@ echo $this->getData('nav')->render(); ?>
             <div class="row">
                 <div class="col-xs-12 col-md-6">
                     <section class="box wf-100">
-                        <header><h1><?= $this->getText('Responsibility'); ?></h1></header>
+                        <header><h1><?= $this->getHtml('Responsibility') ?></h1></header>
 
                         <div class="inner">
                             <form>
                                 <table class="layout wf-100">
                                     <tbody>
-                                    <tr><td><label for="iResponsibility"><?= $this->getText('Responsibility'); ?></label><td><label for="iUser"><?= $this->getText('UserGroup'); ?></label><td>
+                                    <tr><td><label for="iResponsibility"><?= $this->getHtml('Responsibility') ?></label><td><label for="iUser"><?= $this->getHtml('UserGroup') ?></label><td>
                                     <tr><td><select id="iStatus" name="status">
                                                 <option value="">
                                             </select>
-                                        <td><span class="input"><button type="button" formaction=""><i class="fa fa-book"></i></button><input type="text" id="iUser" name="user" placeholder=""></span><td><button><?= $this->getText('Add', 0, 0); ?></button>
+                                        <td><span class="input"><button type="button" formaction=""><i class="fa fa-book"></i></button><input type="text" id="iUser" name="user" placeholder=""></span><td><button><?= $this->getHtml('Add', 0, 0); ?></button>
                                 </table>
                             </form>
                         </div>
@@ -102,31 +102,31 @@ echo $this->getData('nav')->render(); ?>
             <div class="row">
                 <div class="col-xs-12 col-md-6">
                     <section class="box wf-100">
-                        <header><h1><?= $this->getText('RiskStatus'); ?></h1></header>
+                        <header><h1><?= $this->getHtml('RiskStatus') ?></h1></header>
 
                         <div class="inner">
                             <form id="fRisk"  method="POST" action="<?= \phpOMS\Uri\UriFactory::build('{/base}/{/lang}/api/controlling/riskmanagement?{?}&csrf={$CSRF}'); ?>">
                                 <table class="layout wf-100">
                                     <tbody>
-                                    <tr><td><label for="iRiskConsequence"><?= $this->getText('RiskConsequence'); ?></label>
+                                    <tr><td><label for="iRiskConsequence"><?= $this->getHtml('RiskConsequence') ?></label>
                                     <tr><td><select id="iRiskConsequence" name="riskconsequence">
 
                                             </select>
-                                    <tr><td><label for="iRiskLikelihood"><?= $this->getText('RiskLikelihood'); ?></label>
+                                    <tr><td><label for="iRiskLikelihood"><?= $this->getHtml('RiskLikelihood') ?></label>
                                     <tr><td><select id="iRiskLikelihood" name="risklikelihood">
 
                                             </select>
-                                    <tr><td><label for="iRiskConsequence"><?= $this->getText('RiskConsequence'); ?></label>
+                                    <tr><td><label for="iRiskConsequence"><?= $this->getHtml('RiskConsequence') ?></label>
                                     <tr><td><select id="iRiskConsequence" name="riskconsequence">
 
                                             </select>
-                                    <tr><td><label for="iRiskLikelihood"><?= $this->getText('RiskLikelihood'); ?></label>
+                                    <tr><td><label for="iRiskLikelihood"><?= $this->getHtml('RiskLikelihood') ?></label>
                                     <tr><td><select id="iRiskLikelihood" name="risklikelihood">
 
                                             </select>
-                                    <tr><td><label for="iRiskStatusDescription"><?= $this->getText('Description'); ?></label>
+                                    <tr><td><label for="iRiskStatusDescription"><?= $this->getHtml('Description') ?></label>
                                     <tr><td><textarea id="iRiskStatusDescription" name="riskstatusdescription"></textarea>
-                                    <tr><td><input type="submit" value="<?= $this->getText('Create', 0, 0); ?>">
+                                    <tr><td><input type="submit" value="<?= $this->getHtml('Create', 0, 0); ?>">
                                 </table>
                             </form>
                         </div>
@@ -135,15 +135,15 @@ echo $this->getData('nav')->render(); ?>
 
                 <div class="col-xs-12 col-md-6">
                     <section class="box wf-100">
-                        <header><h1><?= $this->getText('Media'); ?></h1></header>
+                        <header><h1><?= $this->getHtml('Media') ?></h1></header>
 
                         <div class="inner">
                             <form>
                                 <table class="layout wf-100">
                                     <tbody>
-                                    <tr><td colspan="2"><label for="iMedia"><?= $this->getText('Media'); ?></label>
-                                    <tr><td><input type="text" id="iMedia" placeholder="&#xf15b; File"><td><button><?= $this->getText('Select'); ?></button>
-                                    <tr><td colspan="2"><label for="iUpload"><?= $this->getText('Upload'); ?></label>
+                                    <tr><td colspan="2"><label for="iMedia"><?= $this->getHtml('Media') ?></label>
+                                    <tr><td><input type="text" id="iMedia" placeholder="&#xf15b; File"><td><button><?= $this->getHtml('Select') ?></button>
+                                    <tr><td colspan="2"><label for="iUpload"><?= $this->getHtml('Upload') ?></label>
                                     <tr><td><input type="file" id="iUpload" form="fTask"><input form="fTask" type="hidden" name="type"><td>
                                 </table>
                             </form>
@@ -157,17 +157,17 @@ echo $this->getData('nav')->render(); ?>
             <div class="row">
                 <div class="col-xs-12 col-md-6">
                     <section class="box wf-100">
-                        <header><h1><?= $this->getText('RiskObjects'); ?></h1></header>
+                        <header><h1><?= $this->getHtml('RiskObjects') ?></h1></header>
 
                         <div class="inner">
                             <form id="fRisk"  method="POST" action="<?= \phpOMS\Uri\UriFactory::build('{/base}/{/lang}/api/controlling/riskmanagement?{?}&csrf={$CSRF}'); ?>">
                                 <table class="layout wf-100">
                                     <tbody>
-                                    <tr><td><label for="iRiskObjectName"><?= $this->getText('Name'); ?></label>
-                                    <tr><td><input type="text" id="iRiskObjectName" name="riskobjectname" placeholder="&#xf040; <?= $this->getText('Name'); ?>">
-                                    <tr><td><label for="iRiskObjectDescription"><?= $this->getText('Description'); ?></label>
+                                    <tr><td><label for="iRiskObjectName"><?= $this->getHtml('Name') ?></label>
+                                    <tr><td><input type="text" id="iRiskObjectName" name="riskobjectname" placeholder="&#xf040; <?= $this->getHtml('Name') ?>">
+                                    <tr><td><label for="iRiskObjectDescription"><?= $this->getHtml('Description') ?></label>
                                     <tr><td><textarea id="iRiskObjectDescription" name="riskobjectdescription"></textarea>
-                                    <tr><td><input type="submit" value="<?= $this->getText('Create', 0, 0); ?>">
+                                    <tr><td><input type="submit" value="<?= $this->getHtml('Create', 0, 0); ?>">
                                 </table>
                             </form>
                         </div>
@@ -176,15 +176,15 @@ echo $this->getData('nav')->render(); ?>
 
                 <div class="col-xs-12 col-md-6">
                     <section class="box wf-100">
-                        <header><h1><?= $this->getText('Media'); ?></h1></header>
+                        <header><h1><?= $this->getHtml('Media') ?></h1></header>
 
                         <div class="inner">
                             <form>
                                 <table class="layout wf-100">
                                     <tbody>
-                                    <tr><td colspan="2"><label for="iMedia"><?= $this->getText('Media'); ?></label>
-                                    <tr><td><input type="text" id="iMedia" placeholder="&#xf15b; File"><td><button><?= $this->getText('Select'); ?></button>
-                                    <tr><td colspan="2"><label for="iUpload"><?= $this->getText('Upload'); ?></label>
+                                    <tr><td colspan="2"><label for="iMedia"><?= $this->getHtml('Media') ?></label>
+                                    <tr><td><input type="text" id="iMedia" placeholder="&#xf15b; File"><td><button><?= $this->getHtml('Select') ?></button>
+                                    <tr><td colspan="2"><label for="iUpload"><?= $this->getHtml('Upload') ?></label>
                                     <tr><td><input type="file" id="iUpload" form="fTask"><input form="fTask" type="hidden" name="type"><td>
                                 </table>
                             </form>
@@ -198,21 +198,21 @@ echo $this->getData('nav')->render(); ?>
             <div class="row">
                 <div class="col-xs-12 col-md-6">
                     <section class="box wf-100">
-                        <header><h1><?= $this->getText('RiskObjectStatus'); ?></h1></header>
+                        <header><h1><?= $this->getHtml('RiskObjectStatus') ?></h1></header>
 
                         <div class="inner">
                             <form id="fRisk"  method="POST" action="<?= \phpOMS\Uri\UriFactory::build('{/base}/{/lang}/api/controlling/riskmanagement?{?}&csrf={$CSRF}'); ?>">
                                 <table class="layout wf-100">
                                     <tbody>
-                                    <tr><td><label for="iRiskObjectNameValue"><?= $this->getText('RiskObject'); ?></label>
+                                    <tr><td><label for="iRiskObjectNameValue"><?= $this->getHtml('RiskObject') ?></label>
                                     <tr><td><select id="iRiskObjectNameValue" name="riskobjectnamevalue">
 
                                             </select>
-                                    <tr><td><label for="iRiskObjecValue"><?= $this->getText('Value'); ?></label>
+                                    <tr><td><label for="iRiskObjecValue"><?= $this->getHtml('Value') ?></label>
                                     <tr><td><input type="text" id="iRiskObjecValue" name="riskobjectvalue">
-                                    <tr><td><label for="iRiskObjecValueDescription"><?= $this->getText('Description'); ?></label>
+                                    <tr><td><label for="iRiskObjecValueDescription"><?= $this->getHtml('Description') ?></label>
                                     <tr><td><textarea id="iRiskObjecValueDescription" name="riskobjectvaluedescription"></textarea>
-                                    <tr><td><input type="submit" value="<?= $this->getText('Create', 0, 0); ?>">
+                                    <tr><td><input type="submit" value="<?= $this->getHtml('Create', 0, 0); ?>">
                                 </table>
                             </form>
                         </div>
@@ -221,15 +221,15 @@ echo $this->getData('nav')->render(); ?>
 
                 <div class="col-xs-12 col-md-6">
                     <section class="box wf-100">
-                        <header><h1><?= $this->getText('Media'); ?></h1></header>
+                        <header><h1><?= $this->getHtml('Media') ?></h1></header>
 
                         <div class="inner">
                             <form>
                                 <table class="layout wf-100">
                                     <tbody>
-                                    <tr><td colspan="2"><label for="iMedia"><?= $this->getText('Media'); ?></label>
-                                    <tr><td><input type="text" id="iMedia" placeholder="&#xf15b; File"><td><button><?= $this->getText('Select'); ?></button>
-                                    <tr><td colspan="2"><label for="iUpload"><?= $this->getText('Upload'); ?></label>
+                                    <tr><td colspan="2"><label for="iMedia"><?= $this->getHtml('Media') ?></label>
+                                    <tr><td><input type="text" id="iMedia" placeholder="&#xf15b; File"><td><button><?= $this->getHtml('Select') ?></button>
+                                    <tr><td colspan="2"><label for="iUpload"><?= $this->getHtml('Upload') ?></label>
                                     <tr><td><input type="file" id="iUpload" form="fTask"><input form="fTask" type="hidden" name="type"><td>
                                 </table>
                             </form>
@@ -243,20 +243,20 @@ echo $this->getData('nav')->render(); ?>
             <div class="row">
                 <div class="col-xs-12 col-md-6">
                     <section class="box wf-100">
-                        <header><h1><?= $this->getText('Solution'); ?></h1></header>
+                        <header><h1><?= $this->getHtml('Solution') ?></h1></header>
 
                         <div class="inner">
                             <form id="fRisk"  method="POST" action="<?= \phpOMS\Uri\UriFactory::build('{/base}/{/lang}/api/controlling/riskmanagement?{?}&csrf={$CSRF}'); ?>">
                                 <table class="layout wf-100">
                                     <tbody>
-                                    <tr><td><label for="iSolutionName"><?= $this->getText('Name'); ?></label>
+                                    <tr><td><label for="iSolutionName"><?= $this->getHtml('Name') ?></label>
                                     <tr><td><input type="text" id="iSolutionName" name="solutionname">
-                                    <tr><td><label for="iSolutioType"><?= $this->getText('Type'); ?></label>
+                                    <tr><td><label for="iSolutioType"><?= $this->getHtml('Type') ?></label>
                                     <tr><td><select id="iSolutioType" name="solutiontype">
                                                 <option>Preventing
                                                 <option>Disclosing
                                             </select>
-                                    <tr><td><label for="iSolutioFrequency"><?= $this->getText('Frequency'); ?></label>
+                                    <tr><td><label for="iSolutioFrequency"><?= $this->getHtml('Frequency') ?></label>
                                     <tr><td><select id="iSolutioFrequency" name="solutionfrequency">
                                                 <option>Permanently
                                                 <option>Daily
@@ -266,15 +266,15 @@ echo $this->getData('nav')->render(); ?>
                                                 <option>Semiannual
                                                 <option>Annual
                                             </select>
-                                    <tr><td><label for="iSolutioAssessment"><?= $this->getText('Assessment'); ?></label>
+                                    <tr><td><label for="iSolutioAssessment"><?= $this->getHtml('Assessment') ?></label>
                                     <tr><td><select id="iSolutioAssessment" name="solutionassessment">
                                                 <option>Manual
                                                 <option>IT-dependent
                                                 <option>IT
                                             </select>
-                                    <tr><td><label for="iSolutionDescription"><?= $this->getText('Description'); ?></label>
+                                    <tr><td><label for="iSolutionDescription"><?= $this->getHtml('Description') ?></label>
                                     <tr><td><textarea id="iSolutionDescription" name="solutionDescription"></textarea>
-                                    <tr><td><input type="submit" value="<?= $this->getText('Create', 0, 0); ?>">
+                                    <tr><td><input type="submit" value="<?= $this->getHtml('Create', 0, 0); ?>">
                                 </table>
                             </form>
                         </div>
@@ -283,15 +283,15 @@ echo $this->getData('nav')->render(); ?>
 
                 <div class="col-xs-12 col-md-6">
                     <section class="box wf-100">
-                        <header><h1><?= $this->getText('Media'); ?></h1></header>
+                        <header><h1><?= $this->getHtml('Media') ?></h1></header>
 
                         <div class="inner">
                             <form>
                                 <table class="layout wf-100">
                                     <tbody>
-                                    <tr><td colspan="2"><label for="iMedia"><?= $this->getText('Media'); ?></label>
-                                    <tr><td><input type="text" id="iMedia" placeholder="&#xf15b; File"><td><button><?= $this->getText('Select'); ?></button>
-                                    <tr><td colspan="2"><label for="iUpload"><?= $this->getText('Upload'); ?></label>
+                                    <tr><td colspan="2"><label for="iMedia"><?= $this->getHtml('Media') ?></label>
+                                    <tr><td><input type="text" id="iMedia" placeholder="&#xf15b; File"><td><button><?= $this->getHtml('Select') ?></button>
+                                    <tr><td colspan="2"><label for="iUpload"><?= $this->getHtml('Upload') ?></label>
                                     <tr><td><input type="file" id="iUpload" form="fTask"><input form="fTask" type="hidden" name="type"><td>
                                 </table>
                             </form>
diff --git a/Theme/Backend/risk-list.tpl.php b/Theme/Backend/risk-list.tpl.php
index 1f238aa..c016fd6 100644
--- a/Theme/Backend/risk-list.tpl.php
+++ b/Theme/Backend/risk-list.tpl.php
@@ -19,28 +19,28 @@ echo $this->getData('nav')->render(); ?>
     <div class="col-xs-12">
         <div class="box wf-100">
             <table class="table red">
-                <caption><?= $this->getText('Causes'); ?></caption>
+                <caption><?= $this->getHtml('Causes') ?></caption>
                 <thead>
                 <tr>
-                    <td><?= $this->getText('ID', 0, 0); ?>
-                    <td class="wf-100"><?= $this->getText('Title'); ?>
-                    <td><?= $this->getText('Causes'); ?>
-                    <td><?= $this->getText('Solutions'); ?>
-                    <td><?= $this->getText('RiskObjects'); ?>
+                    <td><?= $this->getHtml('ID', 0, 0); ?>
+                    <td class="wf-100"><?= $this->getHtml('Title') ?>
+                    <td><?= $this->getHtml('Causes') ?>
+                    <td><?= $this->getHtml('Solutions') ?>
+                    <td><?= $this->getHtml('RiskObjects') ?>
                         <tfoot>
                 <tr><td colspan="3">
                         <tbody>
                         <?php $c = 0; foreach ($risks as $key => $value) : $c++;
                         $url = \phpOMS\Uri\UriFactory::build('{/base}/{/lang}/backend/riskmanagement/cause/single?{?}&id=' . $value->getId()); ?>
                 <tr data-href="<?= $url; ?>">
-                    <td><a href="<?= $url; ?>"><?= $value->getId(); ?></a>
-                    <td><a href="<?= $url; ?>"><?= $value->getName(); ?></a>
-                    <td><a href="<?= $url; ?>"><?= count($value->getCauses()) ?></a>
-                    <td><a href="<?= $url; ?>"><?= count($value->getSolutions()) ?></a>
-                    <td><a href="<?= $url; ?>"><?= count($value->getRiskObjects()) ?></a>
+                    <td><a href="<?= $url; ?>"><?= htmlspecialchars($value->getId(), ENT_COMPAT, 'utf-8'); ?></a>
+                    <td><a href="<?= $url; ?>"><?= htmlspecialchars($value->getName(), ENT_COMPAT, 'utf-8'); ?></a>
+                    <td><a href="<?= $url; ?>"><?= htmlspecialchars(count($value->getCauses()) , ENT_COMPAT, 'utf-8'); ?></a>
+                    <td><a href="<?= $url; ?>"><?= htmlspecialchars(count($value->getSolutions()) , ENT_COMPAT, 'utf-8'); ?></a>
+                    <td><a href="<?= $url; ?>"><?= htmlspecialchars(count($value->getRiskObjects()) , ENT_COMPAT, 'utf-8'); ?></a>
                         <?php endforeach; ?>
                         <?php if($c === 0) : ?>
-                        <tr><td colspan="3" class="empty"><?= $this->getText('Empty', 0, 0); ?>
+                        <tr><td colspan="3" class="empty"><?= $this->getHtml('Empty', 0, 0); ?>
                                 <?php endif; ?>
             </table>
         </div>
diff --git a/Theme/Backend/solution-list.tpl.php b/Theme/Backend/solution-list.tpl.php
index 2ad18c4..a5b9f77 100644
--- a/Theme/Backend/solution-list.tpl.php
+++ b/Theme/Backend/solution-list.tpl.php
@@ -20,26 +20,26 @@ echo $this->getData('nav')->render(); ?>
     <div class="col-xs-12">
         <div class="box wf-100">
             <table class="table red">
-                <caption><?= $this->getText('Solutions'); ?></caption>
+                <caption><?= $this->getHtml('Solutions') ?></caption>
                 <thead>
                 <tr>
-                    <td><?= $this->getText('ID', 0, 0); ?>
-                    <td class="wf-100"><?= $this->getText('Title'); ?>
-                    <td><?= $this->getText('Risk'); ?>
-                    <td><?= $this->getText('Cause'); ?>
+                    <td><?= $this->getHtml('ID', 0, 0); ?>
+                    <td class="wf-100"><?= $this->getHtml('Title') ?>
+                    <td><?= $this->getHtml('Risk') ?>
+                    <td><?= $this->getHtml('Cause') ?>
                         <tfoot>
                 <tr><td colspan="4">
                         <tbody>
                         <?php $c = 0; foreach ($solutions as $key => $value) : $c++;
                         $url = \phpOMS\Uri\UriFactory::build('{/base}/{/lang}/backend/riskmanagement/solution/single?{?}&id=' . $value->getId()); ?>
                 <tr data-href="<?= $url; ?>">
-                    <td><a href="<?= $url; ?>"><?= $value->getId(); ?></a>
-                    <td><a href="<?= $url; ?>"><?= $value->getTitle(); ?></a>
-                    <td><a href="<?= $url; ?>"><?= $value->getRisk()->getName(); ?></a>
-                    <td><a href="<?= $url; ?>"><?= $value->getCause()->getTitle(); ?></a>
+                    <td><a href="<?= $url; ?>"><?= htmlspecialchars($value->getId(), ENT_COMPAT, 'utf-8'); ?></a>
+                    <td><a href="<?= $url; ?>"><?= htmlspecialchars($value->getTitle(), ENT_COMPAT, 'utf-8'); ?></a>
+                    <td><a href="<?= $url; ?>"><?= htmlspecialchars($value->getRisk()->getName(), ENT_COMPAT, 'utf-8'); ?></a>
+                    <td><a href="<?= $url; ?>"><?= htmlspecialchars($value->getCause()->getTitle(), ENT_COMPAT, 'utf-8'); ?></a>
                         <?php endforeach; ?>
                         <?php if($c === 0) : ?>
-                        <tr><td colspan="4" class="empty"><?= $this->getText('Empty', 0, 0); ?>
+                        <tr><td colspan="4" class="empty"><?= $this->getHtml('Empty', 0, 0); ?>
                                 <?php endif; ?>
             </table>
         </div>

getText('ID', 0, 0); ?> -	getText('Title'); ?> +	getHtml('ID', 0, 0); ?> +	getHtml('Title') ?>

getId(); ?> -	getTitle(); ?> +	getId(), ENT_COMPAT, 'utf-8'); ?> +	getTitle(), ENT_COMPAT, 'utf-8'); ?> -
getText('Empty', 0, 0); ?> +
getHtml('Empty', 0, 0); ?>
getText('ID', 0, 0); ?> -	getText('Title'); ?> -	getText('Risk'); ?> +	getHtml('ID', 0, 0); ?> +	getHtml('Title') ?> +	getHtml('Risk') ?>

getId(); ?> -	getTitle(); ?> -	getRisk()->getName(); ?> +	getId(), ENT_COMPAT, 'utf-8'); ?> +	getTitle(), ENT_COMPAT, 'utf-8'); ?> +	getRisk()->getName(), ENT_COMPAT, 'utf-8'); ?> -
getText('Empty', 0, 0); ?> +
getHtml('Empty', 0, 0); ?>
getText('Severity'); ?> -	getText('Name'); ?> -	getText('Department'); ?> -	getText('Category'); ?> -	getText('Process'); ?> -	getText('Project'); ?> -	getText('Unit'); ?> +	getHtml('Severity') ?> +	getHtml('Name') ?> +	getHtml('Department') ?> +	getHtml('Category') ?> +	getHtml('Process') ?> +	getHtml('Project') ?> +	getHtml('Unit') ?>
render(); ?> +
render(), ENT_COMPAT, 'utf-8'); ?>
getId(); ?> -	getName(); ?> +	getId(), ENT_COMPAT, 'utf-8'); ?> +	getName(), ENT_COMPAT, 'utf-8'); ?>				-
getText('Empty', 0, 0); ?> +
getHtml('Empty', 0, 0); ?>
getText('Risks'); ?> +	getHtml('Risks') ?>	0
getText('Causes'); ?> +	getHtml('Causes') ?>	0
getText('Solutions'); ?> +	getHtml('Solutions') ?>	0
getText('Department'); ?> +	getHtml('Department') ?>	0
getText('Category'); ?> +	getHtml('Category') ?>	0
getText('Process'); ?> +	getHtml('Process') ?>	0
getText('Project'); ?> +	getHtml('Project') ?>	0
getText('Total'); ?> +	getHtml('Total') ?>	0
getText('ID', 0, 0); ?> -	getText('Title'); ?> -	getText('Causes'); ?> -	getText('Solutions'); ?> -	getText('RiskObjects'); ?> +	getHtml('ID', 0, 0); ?> +	getHtml('Title') ?> +	getHtml('Causes') ?> +	getHtml('Solutions') ?> +	getHtml('RiskObjects') ?>

getId(); ?> -	getName(); ?> -	getCauses()) ?> -	getSolutions()) ?> -	getRiskObjects()) ?> +	getId(), ENT_COMPAT, 'utf-8'); ?> +	getName(), ENT_COMPAT, 'utf-8'); ?> +	getCauses()) , ENT_COMPAT, 'utf-8'); ?> +	getSolutions()) , ENT_COMPAT, 'utf-8'); ?> +	getRiskObjects()) , ENT_COMPAT, 'utf-8'); ?> -
getText('Empty', 0, 0); ?> +
getHtml('Empty', 0, 0); ?>
getText('ID', 0, 0); ?> -	getText('Title'); ?> -	getText('Risk'); ?> -	getText('Cause'); ?> +	getHtml('ID', 0, 0); ?> +	getHtml('Title') ?> +	getHtml('Risk') ?> +	getHtml('Cause') ?>

getId(); ?> -	getTitle(); ?> -	getRisk()->getName(); ?> -	getCause()->getTitle(); ?> +	getId(), ENT_COMPAT, 'utf-8'); ?> +	getTitle(), ENT_COMPAT, 'utf-8'); ?> +	getRisk()->getName(), ENT_COMPAT, 'utf-8'); ?> +	getCause()->getTitle(), ENT_COMPAT, 'utf-8'); ?> -
getText('Empty', 0, 0); ?> +
getHtml('Empty', 0, 0); ?>