diff --git a/tests/test-html-injection.php b/tests/test-html-injection.php
new file mode 100644
index 000000000..ee130ab7e
--- /dev/null
+++ b/tests/test-html-injection.php
@@ -0,0 +1,69 @@
+tainacan_entity_factory->create_entity(
+ 'collection',
+ array(
+ 'name' => 'collection name link link2 ',
+ 'description' => 'collection description',
+ ),
+ true
+ );
+ $collection = $Tainacan_Collections->fetch($collection->get_id());
+
+ $metadatum = $this->tainacan_entity_factory->create_entity(
+ 'metadatum',
+ array(
+ 'name' => 'metadatum name link',
+ 'description' => 'metadatum description',
+ 'collection' => $collection,
+ 'metadata_type' => 'Tainacan\Metadata_Types\Text',
+ ),
+ true
+ );
+ $metadatum = $Tainacan_Metadata->fetch($metadatum->get_id());
+
+ $item = $this->tainacan_entity_factory->create_entity(
+ 'item',
+ array(
+ 'title' => 'title item ',
+ 'description' => 'description item ',
+ 'collection' => $collection
+ ),
+ true
+ );
+ $item = $Tainacan_Items->fetch($item->get_id());
+
+ $item_metadata = new \Tainacan\Entities\Item_Metadata_Entity($item, $metadatum);
+ $item_metadata->set_value("");
+ $item_metadata->validate();
+ $item_metadata = $Tainacan_Item_Metadata->insert($item_metadata);
+
+ $this->assertEquals($collection->get_name(), 'collection name link link2');
+ $this->assertEquals($metadatum->get_name(), 'metadatum name link');
+ $this->assertEquals($item->get_title(), 'title item console.log("XSS")');
+ $this->assertEquals($item->get_description(), 'description item');
+ $this->assertEquals($item_metadata->get_value(), "alert('XSS')");
+ //test terms
+ }
+}