diff --git a/presentation/lookAndFeel/knowledgeTree/create.php b/presentation/lookAndFeel/knowledgeTree/create.php
index cfdb4b4..e4cd407 100644
--- a/presentation/lookAndFeel/knowledgeTree/create.php
+++ b/presentation/lookAndFeel/knowledgeTree/create.php
@@ -98,7 +98,7 @@ if ($oObject->create()) {
 //redirect the user
 if (isset($fRedirectURL)) {
- redirect(urldecode($fRedirectURL) . $oObject->iId . "&fSuccess=" . $bSuccess);
+ redirect(strip_tags(urldecode($fRedirectURL)) . $oObject->iId . "&fSuccess=" . $bSuccess);
 } else {
 redirect("$default->rootUrl/control.php");
 }
diff --git a/presentation/lookAndFeel/knowledgeTree/store.php b/presentation/lookAndFeel/knowledgeTree/store.php
index aa8402a..ed24bf2 100644
--- a/presentation/lookAndFeel/knowledgeTree/store.php
+++ b/presentation/lookAndFeel/knowledgeTree/store.php
@@ -42,6 +42,6 @@ if (count($_POST) > 0) {
 $sql = $default->db;
 $sql->query($aQueries[$i]);
 }
- redirect(urldecode($fReturnURL));
+ redirect(strip_tags(urldecode($fReturnURL)));
 }
-?>
\ No newline at end of file
+?>
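Review bot: Wrapping the decoded `$fRedirectURL` in `strip_tags()` does not address the risk in this line, which is an open redirect: the value appears to be request-supplied (the `$f` prefix and the `urldecode()` suggest so) and reaches `redirect()` with only HTML tags removed, so an absolute URL pointing at another host still goes through, and tags are irrelevant to a Location header anyway. Validate the target against the application's own base instead, e.g. `$sTarget = urldecode($fRedirectURL);` then `if (strpos($sTarget, "$default->rootUrl/") !== 0) { $sTarget = "$default->rootUrl/control.php"; }` and `redirect($sTarget . $oObject->iId . "&fSuccess=" . $bSuccess);`, falling back to the same default the `else` branch already uses. The second hunk applies the identical `strip_tags(urldecode($fReturnURL))` pattern in store.php and needs the same allowlist check. The enclosing `if ($oObject->create())` block begins outside the hunk and `redirect()` is defined elsewhere, so whether it already rejects external hosts cannot be confirmed from here.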
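Review bot: Re-adding the closing `?>` as the last line of store.php, directly after a `redirect()` call, is a small foot-gun: PHP swallows only the single newline that immediately follows the closing tag, so any further trailing whitespace that later lands in the file is sent as output before the Location header and the redirect fails with a headers-already-sent warning. Since nothing follows the PHP code here, the safer fix is to drop the closing tag entirely and end the file at the `}` line. The `if (count($_POST) > 0)` block this hunk sits in starts outside the hunk, so I cannot tell whether the file emits output earlier.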