diff --git a/members/admin/activity_admin.py b/members/admin/activity_admin.py
index 7cdb4bf2..516d64cc 100644
--- a/members/admin/activity_admin.py
+++ b/members/admin/activity_admin.py
@@ -1,6 +1,7 @@
 from django.contrib import admin
 from django.urls import reverse
 from django.utils.safestring import mark_safe
+from django.utils.html import escape
 
 from members.models import (
     ActivityParticipant,
@@ -133,7 +134,7 @@ def age(self, obj):
 
     def union_link(self, item):
         url = reverse("admin:members_union_change", args=[item.department.union_id])
-        link = '<a href="%s">%s</a>' % (url, item.department.union.name)
+        link = '<a href="%s">%s</a>' % (url, escape(item.department.union.name))
         return mark_safe(link)
 
     union_link.short_description = "Forening"
@@ -141,7 +142,7 @@ def union_link(self, item):
 
     def department_link(self, item):
         url = reverse("admin:members_department_change", args=[item.department_id])
-        link = '<a href="%s">%s</a>' % (url, item.department.name)
+        link = '<a href="%s">%s</a>' % (url, escape(item.department.name))
         return mark_safe(link)
 
     department_link.short_description = "Afdeling"
@@ -166,7 +167,7 @@ def seats_free(self, obj):
     def activity_membership_union_link(self, obj):
         if obj.activitytype_id in ["FORENINGSMEDLEMSKAB", "STØTTEMEDLEMSKAB"]:
             url = reverse("admin:members_union_change", args=[obj.union_id])
-            link = '<a href="%s">%s</a>' % (url, obj.union.name)
+            link = '<a href="%s">%s</a>' % (url, escape(obj.union.name))
             return mark_safe(link)
         else:
             return ""
diff --git a/members/admin/activityinvite_admin.py b/members/admin/activityinvite_admin.py
index d795d26e..1cfd60a8 100644
--- a/members/admin/activityinvite_admin.py
+++ b/members/admin/activityinvite_admin.py
@@ -232,7 +232,7 @@ def activity_department_link(self, item):
 
     def activity_link(self, item):
         url = reverse("admin:members_activity_change", args=[item.activity.id])
-        link = '<a href="%s">%s</a>' % (url, item.activity.name)
+        link = '<a href="%s">%s</a>' % (url, escape(item.activity.name))
         return mark_safe(link)
 
     activity_link.short_description = "Aktivitet"
diff --git a/members/admin/activityparticipant_admin.py b/members/admin/activityparticipant_admin.py
index aac9f9db..023398ba 100644
--- a/members/admin/activityparticipant_admin.py
+++ b/members/admin/activityparticipant_admin.py
@@ -4,6 +4,7 @@
 from django.urls import reverse
 from django.utils import timezone
 from django.utils.safestring import mark_safe
+from django.utils.html import escape
 
 from members.models import (
     Activity,
@@ -254,7 +255,7 @@ def activity_person_gender(self, item):
 
     def activity_person_link(self, item):
         url = reverse("admin:members_person_change", args=[item.person_id])
-        link = '<a href="%s">%s</a>' % (url, item.person.name)
+        link = '<a href="%s">%s</a>' % (url, escape(item.person.name))
         return mark_safe(link)
 
     activity_person_link.short_description = "Deltager"
@@ -262,7 +263,7 @@ def activity_person_link(self, item):
 
     def activity_family_email_link(self, item):
         url = reverse("admin:members_family_change", args=[item.person.family_id])
-        link = '<a href="%s">%s</a>' % (url, item.person.family.email)
+        link = '<a href="%s">%s</a>' % (url, escape(item.person.family.email))
         return mark_safe(link)
 
     activity_family_email_link.short_description = "Familie"
@@ -270,7 +271,7 @@ def activity_family_email_link(self, item):
 
     def activity_link(self, item):
         url = reverse("admin:members_activity_change", args=[item.activity.id])
-        link = '<a href="%s">%s</a>' % (url, item.activity.name)
+        link = '<a href="%s">%s</a>' % (url, escape(item.activity.name))
         return mark_safe(link)
 
     activity_link.short_description = "Aktivitet"
@@ -280,7 +281,7 @@ def activity_department_link(self, item):
         url = reverse(
             "admin:members_department_change", args=[item.activity.department_id]
         )
-        link = '<a href="%s">%s</a>' % (url, item.activity.department.name)
+        link = '<a href="%s">%s</a>' % (url, escape(item.activity.department.name))
         return mark_safe(link)
 
     activity_department_link.short_description = "Afdeling"
diff --git a/members/admin/department_admin.py b/members/admin/department_admin.py
index fb7a2090..31c46e25 100644
--- a/members/admin/department_admin.py
+++ b/members/admin/department_admin.py
@@ -3,6 +3,7 @@
 from django.urls import reverse
 from django.utils.safestring import mark_safe
 from members.models import Union, Address, Person
+from django.utils.html import escape
 
 
 class UnionDepartmentFilter(admin.SimpleListFilter):
@@ -103,7 +104,7 @@ def get_queryset(self, request):
 
     def department_union_link(self, item):
         url = reverse("admin:members_union_change", args=[item.union_id])
-        link = '<a href="%s">%s</a>' % (url, item.union.name)
+        link = '<a href="%s">%s</a>' % (url, escape(item.union.name))
         return mark_safe(link)
 
     department_union_link.short_description = "Forening"
@@ -111,7 +112,7 @@ def department_union_link(self, item):
 
     def department_link(self, item):
         url = reverse("admin:members_department_change", args=[item.id])
-        link = '<a href="%s">%s</a>' % (url, item.name)
+        link = '<a href="%s">%s</a>' % (url, escape(item.name))
         return mark_safe(link)
 
     department_link.short_description = "Afdeling"
diff --git a/members/admin/union_admin.py b/members/admin/union_admin.py
index dfb666c3..c8537d41 100644
--- a/members/admin/union_admin.py
+++ b/members/admin/union_admin.py
@@ -4,6 +4,7 @@
 from django.http import HttpResponse
 from django.urls import reverse
 from django.utils.safestring import mark_safe
+from django.utils.html import escape
 
 from members.models import (
     Address,
@@ -107,7 +108,7 @@ def get_queryset(self, request):
 
     def union_link(self, item):
         url = reverse("admin:members_union_change", args=[item.id])
-        link = '<a href="%s">%s</a>' % (url, item.name)
+        link = '<a href="%s">%s</a>' % (url, escape(item.name))
         return mark_safe(link)
 
     union_link.short_description = "Forening"
diff --git a/members/admin/waitinglist_admin.py b/members/admin/waitinglist_admin.py
index f5ed69a7..648f4ba3 100644
--- a/members/admin/waitinglist_admin.py
+++ b/members/admin/waitinglist_admin.py
@@ -7,6 +7,7 @@
 from django.shortcuts import render
 from django.urls import reverse
 from django.utils.safestring import mark_safe
+from django.utils.html import escape
 
 from members.models import (
     Union,
@@ -278,7 +279,7 @@ def get_queryset(self, request):
 
     def union_link(self, item):
         url = reverse("admin:members_union_change", args=[item.id])
-        link = '<a href="%s">%s</a>' % (url, item.department.union.name)
+        link = '<a href="%s">%s</a>' % (url, escape(item.department.union.name))
         return mark_safe(link)
 
     union_link.short_description = "Forening"
@@ -286,7 +287,7 @@ def union_link(self, item):
 
     def department_link(self, item):
         url = reverse("admin:members_department_change", args=[item.department_id])
-        link = '<a href="%s">%s</a>' % (url, item.department.name)
+        link = '<a href="%s">%s</a>' % (url, escape(item.department.name))
         return mark_safe(link)
 
     department_link.short_description = "Afdeling"
@@ -294,7 +295,7 @@ def department_link(self, item):
 
     def person_link(self, item):
         url = reverse("admin:members_person_change", args=[item.person_id])
-        link = '<a href="%s">%s</a>' % (url, item.person.name)
+        link = '<a href="%s">%s</a>' % (url, escape(item.person.name))
         return mark_safe(link)
 
     person_link.short_description = "Person"