diff --git a/kernel/model/assets.go b/kernel/model/assets.go
index 2ca92b366..da711e3f1 100644
--- a/kernel/model/assets.go
+++ b/kernel/model/assets.go
@@ -545,7 +545,7 @@ func RenameAsset(oldPath, newName string) (err error) {
 				treenode.IndexBlockTree(tree)
 				sql.UpsertTreeQueue(tree)
 
-				util.PushEndlessProgress(fmt.Sprintf(Conf.Language(111), tree.Root.IALAttr("title")))
+				util.PushEndlessProgress(fmt.Sprintf(Conf.Language(111), util.EscapeHTML(tree.Root.IALAttr("title"))))
 			}
 		}
 	}
diff --git a/kernel/model/bookmark.go b/kernel/model/bookmark.go
index 6604db5ca..b6a98428b 100644
--- a/kernel/model/bookmark.go
+++ b/kernel/model/bookmark.go
@@ -62,7 +62,7 @@ func RemoveBookmark(bookmark string) (err error) {
 			}
 		}
 
-		util.PushEndlessProgress(fmt.Sprintf(Conf.Language(111), tree.Root.IALAttr("title")))
+		util.PushEndlessProgress(fmt.Sprintf(Conf.Language(111), util.EscapeHTML(tree.Root.IALAttr("title"))))
 		if err = writeJSONQueue(tree); nil != err {
 			util.ClearPushProgress(100)
 			return
@@ -120,7 +120,7 @@ func RenameBookmark(oldBookmark, newBookmark string) (err error) {
 			}
 		}
 
-		util.PushEndlessProgress(fmt.Sprintf(Conf.Language(111), tree.Root.IALAttr("title")))
+		util.PushEndlessProgress(fmt.Sprintf(Conf.Language(111), util.EscapeHTML(tree.Root.IALAttr("title"))))
 		if err = writeJSONQueue(tree); nil != err {
 			util.ClearPushProgress(100)
 			return
diff --git a/kernel/model/tag.go b/kernel/model/tag.go
index 6d12a76c0..d34eb00f5 100644
--- a/kernel/model/tag.go
+++ b/kernel/model/tag.go
@@ -92,7 +92,7 @@ func RemoveTag(label string) (err error) {
 		for _, n := range unlinks {
 			n.Unlink()
 		}
-		util.PushEndlessProgress(fmt.Sprintf(Conf.Language(111), tree.Root.IALAttr("title")))
+		util.PushEndlessProgress(fmt.Sprintf(Conf.Language(111), util.EscapeHTML(tree.Root.IALAttr("title"))))
 		if err = writeJSONQueue(tree); nil != err {
 			util.ClearPushProgress(100)
 			return
@@ -175,7 +175,7 @@ func RenameTag(oldLabel, newLabel string) (err error) {
 				}
 			}
 		}
-		util.PushEndlessProgress(fmt.Sprintf(Conf.Language(111), tree.Root.IALAttr("title")))
+		util.PushEndlessProgress(fmt.Sprintf(Conf.Language(111), util.EscapeHTML(tree.Root.IALAttr("title"))))
 		if err = writeJSONQueue(tree); nil != err {
 			util.ClearPushProgress(100)
 			return