diff --git a/src/Umbraco.Core/StringExtensions.cs b/src/Umbraco.Core/StringExtensions.cs
index 03a371204c..737eefa176 100644
--- a/src/Umbraco.Core/StringExtensions.cs
+++ b/src/Umbraco.Core/StringExtensions.cs
@@ -187,7 +187,6 @@ namespace Umbraco.Core
 outputArray[i] = char.IsLetterOrDigit(inputArray[i]) ? inputArray[i] : replacement;
 return new string(outputArray);
 }
-
 private static readonly char[] CleanForXssChars = "*?(){}[];:%<>/\\|&'\"".ToCharArray();
 ///
diff --git a/src/Umbraco.Tests/Strings/StringExtensionsTests.cs b/src/Umbraco.Tests/Strings/StringExtensionsTests.cs
index 81dec809c8..53ed2ade08 100644
--- a/src/Umbraco.Tests/Strings/StringExtensionsTests.cs
+++ b/src/Umbraco.Tests/Strings/StringExtensionsTests.cs
@@ -75,6 +75,17 @@ namespace Umbraco.Tests.Strings
 Assert.AreEqual(stripped, result);
 }
+ [TestCase("'+alert(1234)+'", "+alert1234+")]
+ [TestCase("'+alert(56+78)+'", "+alert56+78+")]
+ [TestCase("{{file}}", "file")]
+ [TestCase("'+alert('hello')+'", "+alerthello+")]
+ [TestCase("Test", "Test")]
+ public void Clean_From_XSS(string input, string result)
+ {
+ var cleaned = input.CleanForXss();
+ Assert.AreEqual(cleaned, result);
+ }
+
 [TestCase("This is a string to encrypt")]
 [TestCase("This is a string to encrypt\nThis is a second line")]
 [TestCase(" White space is preserved ")]
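Review bot: `Assert.AreEqual(cleaned, result)` in Clean_From_XSS passes its arguments in the wrong order — NUnit's signature is (expected, actual), so a failing case reports the produced string as the expected one; use `Assert.AreEqual(result, cleaned);` and consider renaming the parameter `result` to `expected` (the preceding test in the context lines has the same inversion, so fix both if touching it). The five cases only exercise `'`, `(`, `)`, `{` and `}` out of the CleanForXssChars set visible in the first hunk (`*?(){}[];:%<>/\|&'"`), so a regression that dropped `<`, `>`, `&`, `"` or `%` from that set would still pass. Add at least one case per remaining character, e.g. a constructed `[TestCase("a\"b&c%d|e", "abcde")]`, with the expected strings confirmed against the implementation since CleanForXss's body is not in the diff. The test name `Clean_From_XSS` also does not match the method under test, `CleanForXss`; something like `CleanForXss_Strips_Blocklisted_Chars` makes the failure output easier to trace.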