diff --git a/admin_frontend/templates/components/admin_sso_list.html b/admin_frontend/templates/components/admin_sso_list.html
index 40a70602..320617e4 100644
--- a/admin_frontend/templates/components/admin_sso_list.html
+++ b/admin_frontend/templates/components/admin_sso_list.html
@@ -15,13 +15,13 @@
         <button
           class="button cyan"
           hx-target="#sso-list"
-          hx-get="/web/components/admin/sso/{{ sso_provider.id }}"
+          hx-get="/web/components/admin/sso/{{ sso_provider.id|escape }}"
         >
           More Info
         </button>
         <button
           class="deletUserBtn button red"
-          hx-delete="/web-api/admin/sso/{{ sso_provider.id }}"
+          hx-delete="/web-api/admin/sso/{{ sso_provider.id|escape }}"
           hx-confirm="Are you sure?"
           hx-target="closest tr"
           hx-swap="delete"
diff --git a/admin_frontend/templates/components/admin_top_menu_bar.html b/admin_frontend/templates/components/admin_top_menu_bar.html
index 55bbc74b..fc50b429 100644
--- a/admin_frontend/templates/components/admin_top_menu_bar.html
+++ b/admin_frontend/templates/components/admin_top_menu_bar.html
@@ -8,7 +8,7 @@
       hx-get="/web/components/user/user"
       class="button red"
     >
-      {{ user.email }}
+      {{ user.email|escape }}
     </div>
   </div>
 
diff --git a/admin_frontend/templates/components/admin_users.html b/admin_frontend/templates/components/admin_users.html
index 3c43de7d..1d9bf76d 100644
--- a/admin_frontend/templates/components/admin_users.html
+++ b/admin_frontend/templates/components/admin_users.html
@@ -14,13 +14,13 @@
         <button
           class="button cyan"
           hx-target="#admin-users"
-          hx-get="/web/components/admin/users/{{ user.id }}"
+          hx-get="/web/components/admin/users/{{ user.id|escape }}"
         >
           More Info
         </button>
         <button
           class="deletUserBtn button red"
-          hx-delete="/web-api/admin/user/{{ user.id }}"
+          hx-delete="/web-api/admin/user/{{ user.id|escape }}"
           hx-confirm="Are you sure?"
           hx-target="closest tr"
           hx-swap="delete"
diff --git a/admin_frontend/templates/components/top_menu_bar.html b/admin_frontend/templates/components/top_menu_bar.html
index fb7f12d7..45e48603 100644
--- a/admin_frontend/templates/components/top_menu_bar.html
+++ b/admin_frontend/templates/components/top_menu_bar.html
@@ -8,7 +8,7 @@
       hx-get="/web/components/user/user"
       class="button cyan"
     >
-      {{ user.email }}
+      {{ user.email|escape }}
     </div>
   </div>
 
diff --git a/admin_frontend/templates/components/user_details.html b/admin_frontend/templates/components/user_details.html
index dcd154ac..d0d2cc77 100644
--- a/admin_frontend/templates/components/user_details.html
+++ b/admin_frontend/templates/components/user_details.html
@@ -2,7 +2,7 @@
   <p>Email: {{ user.email|escape }}</p>
   <p>Role: {{ user.role|escape }}</p>
   <p>Phone: {{ user.phone|escape }}</p>
-  <p>Email Confirmed At: {{ user.email_confirmed_at|default("-") }}</p>
+  <p>Email Confirmed At: {{ user.email_confirmed_at|default("-")|escape }}</p>
   <p>Phone Confirmed At: {{ user.phone_confirmed_at|default("-")|escape }}</p>
   <p>Last Sign In At: {{ user.last_sign_in_at|default("-")|escape }}</p>
   <p>Created At: {{ user.created_at|escape }}</p>
diff --git a/admin_frontend/templates/layouts/base.html b/admin_frontend/templates/layouts/base.html
index 92b43e8e..c329fcb0 100644
--- a/admin_frontend/templates/layouts/base.html
+++ b/admin_frontend/templates/layouts/base.html
@@ -4,7 +4,7 @@
     <meta name="viewport" content="width=device-width, initial-scale=1" />
     <link href="/assets/base.css" rel="stylesheet" />
     <link href="/assets/message.css" rel="stylesheet" />
-    <title>{% block title %}{{ title }}{% endblock %}</title>
+    <title>{% block title %}{{ title|escape }}{% endblock %}</title>
     <script
       src="https://unpkg.com/htmx.org@1.9.6"
       integrity="sha384-FhXw7b6AlE/jyjlZH5iHa/tTe9EpJ1Y55RjcgPbjeWMskSxZt1v9qkxLJWNJaGni"
diff --git a/admin_frontend/templates/pages/login.html b/admin_frontend/templates/pages/login.html
index e0cce70e..b477dc01 100644
--- a/admin_frontend/templates/pages/login.html
+++ b/admin_frontend/templates/pages/login.html
@@ -75,10 +75,10 @@
       {% for provider in oauth_providers %}
       <div class="oauth-icon">
         <a
-          href="/gotrue/authorize?provider={{ provider }}&redirect_to=/web/login"
+          href="/gotrue/authorize?provider={{ provider|escape }}&redirect_to=/web/login"
         >
           <div
-            hx-get="../assets/{{ provider }}/logo.html"
+            hx-get="../assets/{{ provider|escape }}/logo.html"
             hx-trigger="load"
             hx-swap="outerHTML"
           ></div>