diff --git a/data/web/inc/footer.inc.php b/data/web/inc/footer.inc.php
index 4a66d466..9c08c663 100644
--- a/data/web/inc/footer.inc.php
+++ b/data/web/inc/footer.inc.php
@@ -12,7 +12,8 @@ $alertbox_log_parser = alertbox_log_parser($_SESSION);
 $alerts = [];
 if (is_array($alertbox_log_parser)) {
   foreach ($alertbox_log_parser as $log) {
-    $alerts[trim($log['type'], '"')][] = trim($log['msg'], '"');
+    $message = strtr($log['msg'], ["\n" => '', "\r" => '', "\t" => '<br>']);
+    $alerts[trim($log['type'], '"')][] = trim($message, '"');
   }
   $alert = array_filter(array_unique($alerts));
   foreach($alert as $alert_type => $alert_msg) {
diff --git a/data/web/templates/base.twig b/data/web/templates/base.twig
index 32b5f405..79042d59 100644
--- a/data/web/templates/base.twig
+++ b/data/web/templates/base.twig
@@ -172,7 +172,7 @@ function recursiveBase64StrToArrayBuffer(obj) {
     // TFA, CSRF, Alerts in footer.inc.php
     // Other general functions in mailcow.js
     {% for alert_type, alert_msg in alerts %}
-    mailcow_alert_box('{{ alert_msg|raw|replace({"\n": "", "\r": "", "\t": "<br>"}) }}', '{{ alert_type }}');
+    mailcow_alert_box('{{ alert_msg|raw }}', '{{ alert_type }}');
     {% endfor %}
 
     // Confirm TFA modal