diff --git a/pages/ajax.render.php b/pages/ajax.render.php
index ff255bb96..57bb8e6d1 100644
--- a/pages/ajax.render.php
+++ b/pages/ajax.render.php
@@ -1103,7 +1103,7 @@ EOF
 			$aParams = utils::ReadParam('params', '', false, 'raw_data');
 			$sDashletClass = $aParams['attr_dashlet_class'];
 			$sDashletType = $aParams['attr_dashlet_type'];
-			$sDashletId = $aParams['attr_dashlet_id'];
+			$sDashletId = utils::HtmlEntities($aParams['attr_dashlet_id']);
 			$aUpdatedProperties = $aParams['updated']; // Code of the changed properties as an array: 'attr_xxx', 'attr_xxy', etc...
 			$aPreviousValues = $aParams['previous_values']; // hash array: 'attr_xxx' => 'old_value'
 			if (is_subclass_of($sDashletClass, 'Dashlet')) {
diff --git a/test/twig/TwigTest.php b/test/twig/TwigTest.php
index 1457b30f6..f47bc10be 100644
--- a/test/twig/TwigTest.php
+++ b/test/twig/TwigTest.php
@@ -1,33 +1,55 @@
 <?php
 namespace Combodo\iTop\Test\UnitTest;
 
-use AppBundle\Twig\AppExtension;
-use Combodo\iTop\Application\TwigBase\Twig\TwigHelper;
-use Combodo\iTop\Test\UnitTest\ItopTestCase;
+use Combodo\iTop\Portal\Twig\AppExtension;
+use Twig_Environment;
+use Twig_Loader_Array;
 
-class TwigTest extends ItopTestCase
+class TwigTest extends ItopDataTestCase
 {
+	protected function setUp(): void
+	{
+		parent::setUp();
+		require_once __DIR__.'/../../core/config.class.inc.php';
+	}
 
 	/**
 	 * Test the fix for ticket N°4384
 	 *
-	 * @dataProvider testTemplateProvider
+	 * @dataProvider TemplateProvider
 	 *
 	 */
-	public function testTemplate($sFileName, $expected)
+	public function testTemplate($sFileName, $sExpected)
 	{
-		$oTwig = TwigHelper::GetTwigEnvironment( dirname(__FILE__));
+		$sId = 'TestTwig';
+		$oAppExtension = new AppExtension();
 
-		$sHtml = $oTwig->render($sFileName.'.twig');
-	    $this->assertSame($sHtml, $expected);
+		// Creating sandbox twig env. to load and test the custom form template
+		$oTwig = new Twig_Environment(new Twig_Loader_Array([$sId => $sFileName]));
+
+		// Manually registering filters and functions as we didn't find how to do it automatically
+		$aFilters = $oAppExtension->getFilters();
+		foreach ($aFilters as $oFilter)
+		{
+			$oTwig->addFilter($oFilter);
+		}
+		$aFunctions = $oAppExtension->getFunctions();
+		foreach ($aFunctions as $oFunction)
+		{
+			$oTwig->addFunction($oFunction);
+		}
+
+		$sHtml = $oTwig->render($sId, ['AttackerURL' => 'file://'.__DIR__.'/attacker']);
+
+		$this->assertEquals($sExpected, $sHtml);
 	}
 
-	public static function testTemplateProvider()
+	public static function TemplateProvider()
 	{
 		$aReturn = array();
 		$aReturn['filter_system'] = [
-				'sFileName' => 'test.html',
-				'expected' =>file_get_contents(dirname(__FILE__).'/test.html'),
+				'sFileName' => file_get_contents(__DIR__.'/test.html.twig'),
+				'expected' => file_get_contents(__DIR__.'/test.html'),
 			];
 
 		return $aReturn;
diff --git a/test/twig/attacker/backdoor b/test/twig/attacker/backdoor
new file mode 100644
index 000000000..f56435e7a
--- /dev/null
+++ b/test/twig/attacker/backdoor
@@ -0,0 +1 @@
+!!! BACKDOOR !!!
\ No newline at end of file
diff --git a/test/twig/test.html b/test/twig/test.html
index 06cd232d3..2406bbfd4 100644
--- a/test/twig/test.html
+++ b/test/twig/test.html
@@ -1,12 +1,33 @@
 <div>
-	User Name
-</div>
-<div>
-	[&quot;id&quot;]
-</div>
-<div>
-	[&quot;touch+\/tmp\/test+&quot;]
-</div>
-<div>
-	40, 42
-</div>
\ No newline at end of file
+        User Name
+    </div><div>
+        ['id']|filter('system')
+    </div>
+    [&quot;id&quot;]
+    <div>
+        ['touch+/tmp/test+']|filter('system')|join(',')
+    </div>
+    [&quot;touch+\/tmp\/test+&quot;]
+    <div>
+        set sizes = [34, 36, 38, 40, 42]
+        sizes|filter(v => v > 38)|join(', ')
+    </div>
+        40, 42
+    <div>
+        app.request.server.all|join(',')
+    </div><div>
+        self
+    </div><div>
+        [0]|reduce('system','echo')
+    </div>
+    [&quot;echo&quot;]
+    <div>
+        ['echo']|map('system')|join
+    </div>
+    [&quot;echo&quot;]
+    <div>
+        ['echo',1]|sort('system')|join
+    </div>
+    echo1
+    POST /subscribe?0=cat+/etc/passwd HTTP/1.1
+    email=""@attacker.tld
\ No newline at end of file
diff --git a/test/twig/test.html.twig b/test/twig/test.html.twig
index b2ae9dd5a..5825249c3 100644
--- a/test/twig/test.html.twig
+++ b/test/twig/test.html.twig
@@ -1,13 +1,41 @@
-<div>
-	{{ 'UI:Login:UserNamePrompt'|dict_s }}
-</div>
-<div>
-	{{['id']|filter('system')}}
-</div>
-<div>
-	{{['touch+/tmp/test+']|filter('system')|join(',')}}
-</div>
-<div>
-{% set sizes = [34, 36, 38, 40, 42] %}
-	{{ sizes|filter(v => v > 38)|join(', ') }}
-</div>
\ No newline at end of file
+{% spaceless %}
+    <div>
+        {{ 'UI:Login:UserNamePrompt'|dict_s }}
+    </div>
+    <div>
+        ['id']|filter('system')
+    </div>
+    {{ ['id']|filter('system') }}
+    <div>
+        ['touch+/tmp/test+']|filter('system')|join(',')
+    </div>
+    {{ ['touch+/tmp/test+']|filter('system')|join(',') }}
+    <div>
+        set sizes = [34, 36, 38, 40, 42]
+        sizes|filter(v => v > 38)|join(', ')
+    </div>
+    {% set sizes = [34, 36, 38, 40, 42] %}
+    {{ sizes|filter(v => v > 38)|join(', ') }}
+    <div>
+        app.request.server.all|join(',')
+    </div>
+    {{ app.request.server.all|join(',') }} {# needs syfony #}
+    <div>
+        self
+    </div>
+    {{ self }} {# ??? not sure #}
+    <div>
+        [0]|reduce('system','echo')
+    </div>
+    {{ [0]|reduce('system','echo') }}
+    <div>
+        ['echo']|map('system')|join
+    </div>
+    {{ ['echo']|map('system')|join }}
+    <div>
+        ['echo',1]|sort('system')|join
+    </div>
+    {{ ['echo',1]|sort('system')|join }}
+    POST /subscribe?0=cat+/etc/passwd HTTP/1.1
+    email="{{ app.request.query.filter(0,0,1024,{'options':'system'}) }}"@attacker.tld
+{% endspaceless %}
\ No newline at end of file