diff --git a/CHANGELOG.md b/CHANGELOG.md
index 76d19af4..0c9c8ee4 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -5,6 +5,12 @@ All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](http://keepachangelog.com/)
and this project adheres to [Semantic Versioning](http://semver.org/).
+## [UNRELEASED]
+
+### Fixed
+
+- Fix : confirm dialog js escaping
+
## [2.15.8] - 2026-06-24
### Fixed
diff --git a/ajax/injection.php b/ajax/injection.php
index 7282477a..3725c856 100644
--- a/ajax/injection.php
+++ b/ajax/injection.php
@@ -28,6 +28,8 @@
* -------------------------------------------------------------------------
*/
+use function Safe\unserialize;
+
// Direct access to file
if (strpos($_SERVER['PHP_SELF'], "injection.php")) {
header("Content-Type: text/html; charset=UTF-8");
diff --git a/ajax/results.php b/ajax/results.php
index c1e28b31..704c30d4 100644
--- a/ajax/results.php
+++ b/ajax/results.php
@@ -28,6 +28,8 @@
* -------------------------------------------------------------------------
*/
+use function Safe\unserialize;
+
// Direct access to file
if (strpos($_SERVER['PHP_SELF'], "results.php")) {
header("Content-Type: text/html; charset=UTF-8");
diff --git a/front/clientinjection.form.php b/front/clientinjection.form.php
index 7eff9e6e..5dbf9789 100644
--- a/front/clientinjection.form.php
+++ b/front/clientinjection.form.php
@@ -28,6 +28,8 @@
* -------------------------------------------------------------------------
*/
+use function Safe\unserialize;
+
Session::checkRight("plugin_datainjection_use", READ);
Html::header(
diff --git a/inc/clientinjection.class.php b/inc/clientinjection.class.php
index 66b4e210..a9695ddc 100644
--- a/inc/clientinjection.class.php
+++ b/inc/clientinjection.class.php
@@ -41,6 +41,7 @@
use function Safe\json_encode;
use function Safe\readfile;
use function Safe\unlink;
+use function Safe\unserialize;
class PluginDatainjectionClientInjection
{
diff --git a/inc/mapping.class.php b/inc/mapping.class.php
index 98f059d1..19d87f47 100644
--- a/inc/mapping.class.php
+++ b/inc/mapping.class.php
@@ -32,6 +32,7 @@
use function Safe\ob_get_clean;
use function Safe\ob_start;
+use function Safe\unserialize;
class PluginDatainjectionMapping extends CommonDBTM
{
diff --git a/inc/model.class.php b/inc/model.class.php
index 29b03cf1..7c6f790a 100644
--- a/inc/model.class.php
+++ b/inc/model.class.php
@@ -33,6 +33,7 @@
use function Safe\json_decode;
use function Safe\realpath;
use function Safe\tempnam;
+use function Safe\unserialize;
/**
* -------------------------------------------------------------------------
diff --git a/templates/clientinjection_upload_file.html.twig b/templates/clientinjection_upload_file.html.twig
index 4d7b1617..43ffaa20 100644
--- a/templates/clientinjection_upload_file.html.twig
+++ b/templates/clientinjection_upload_file.html.twig
@@ -69,7 +69,7 @@
{% else %}
{% set message = __("Watch out, you're about to inject data into GLPI. Are you sure you want to do it ?", 'datainjection') %}
{% endif %}
-
+
{% else %}
{% endif %}