Hi If you add a HTML javascript block to the page name EPiServer mostly escapes it (for example in the edit menu or in the search results). This is good if you have content being created by users (for example forums) to prevent malicious XSS code from being executed. But when you delete the page the script is executed when the page name is displayed on the confirmation page. 1. Create a page. Name it "" 2. Delete the page. The alert saying Test will appear. And the confirmation page displays: "" har flyttats till papperskorgen. Well, not a really big issue, but this could have an editor end up on a malicious site. Regards /Fredrik