diff --git a/cms/djangoapps/contentstore/views/tests/test_certificates.py b/cms/djangoapps/contentstore/views/tests/test_certificates.py
index 8f72f7ba1d..d6d52cbba1 100644
--- a/cms/djangoapps/contentstore/views/tests/test_certificates.py
+++ b/cms/djangoapps/contentstore/views/tests/test_certificates.py
@@ -1,7 +1,7 @@
 #-*- coding: utf-8 -*-
 
 """
-Group Configuration Tests.
+Certificates Tests.
 """
 import json
 import mock
diff --git a/cms/static/js/certificates/views/certificate_editor.js b/cms/static/js/certificates/views/certificate_editor.js
index 7e205c6d19..11cc32a99d 100644
--- a/cms/static/js/certificates/views/certificate_editor.js
+++ b/cms/static/js/certificates/views/certificate_editor.js
@@ -97,11 +97,11 @@ function($, _, Backbone, gettext,
             return {
                 id: this.model.get('id'),
                 uniqueId: _.uniqueId(),
-                name: this.model.escape('name'),
-                description: this.model.escape('description'),
-                course_title: this.model.escape('course_title'),
-                org_logo_path: this.model.escape('org_logo_path'),
-                is_active: this.model.escape('is_active'),
+                name: this.model.get('name'),
+                description: this.model.get('description'),
+                course_title: this.model.get('course_title'),
+                org_logo_path: this.model.get('org_logo_path'),
+                is_active: this.model.get('is_active'),
                 isNew: this.model.isNew()
             };
         },
diff --git a/cms/static/js/views/edit_chapter.js b/cms/static/js/views/edit_chapter.js
index c15eb1b19f..f70839c2d4 100644
--- a/cms/static/js/views/edit_chapter.js
+++ b/cms/static/js/views/edit_chapter.js
@@ -12,8 +12,8 @@ define(["js/views/baseview", "underscore", "underscore.string", "jquery", "gette
         },
         render: function() {
             this.$el.html(this.template({
-                name: this.model.escape('name'),
-                asset_path: this.model.escape('asset_path'),
+                name: this.model.get('name'),
+                asset_path: this.model.get('asset_path'),
                 order: this.model.get('order'),
                 error: this.model.validationError
             }));
@@ -52,8 +52,10 @@ define(["js/views/baseview", "underscore", "underscore.string", "jquery", "gette
                 asset_path: this.$("input.chapter-asset-path").val()
             });
             var msg = new FileUploadModel({
-                title: _.template(gettext("Upload a new PDF to “<%= name %>”"),
-                    {name: course.escape('name')}),
+                title: _.template(
+                    gettext("Upload a new PDF to “<%= name %>”"),
+                    {name: window.course.escape('name')}
+                ),
                 message: gettext("Please select a PDF file to upload."),
                 mimeTypes: ['application/pdf']
             });
diff --git a/cms/static/js/views/edit_textbook.js b/cms/static/js/views/edit_textbook.js
index fcd4503b83..3616a5e994 100644
--- a/cms/static/js/views/edit_textbook.js
+++ b/cms/static/js/views/edit_textbook.js
@@ -13,7 +13,7 @@ define(["js/views/baseview", "underscore", "jquery", "js/views/edit_chapter", "c
         className: "textbook",
         render: function() {
             this.$el.html(this.template({
-                name: this.model.escape('name'),
+                name: this.model.get('name'),
                 error: this.model.validationError
             }));
             this.addAll();
diff --git a/cms/static/js/views/show_textbook.js b/cms/static/js/views/show_textbook.js
index c7caa4b4f9..2dcc470154 100644
--- a/cms/static/js/views/show_textbook.js
+++ b/cms/static/js/views/show_textbook.js
@@ -29,8 +29,10 @@ define(["js/views/baseview", "underscore", "gettext", "common/js/components/view
             if(e && e.preventDefault) { e.preventDefault(); }
             var textbook = this.model, collection = this.model.collection;
             var msg = new PromptView.Warning({
-                title: _.template(gettext("Delete “<%= name %>”?"),
-                    {name: textbook.escape('name')}),
+                title: _.template(
+                    gettext("Delete “<%= name %>”?"),
+                    {name: textbook.get('name')}
+                ),
                 message: gettext("Deleting a textbook cannot be undone and once deleted any reference to it in your courseware's navigation will also be removed."),
                 actions: {
                     primary: {
diff --git a/cms/templates/base.html b/cms/templates/base.html
index 51db3f154c..1603c9f209 100644
--- a/cms/templates/base.html
+++ b/cms/templates/base.html
@@ -1,11 +1,12 @@
 ## coding=utf-8
 <%namespace name='static' file='static_content.html'/>
 <%!
-from django.utils.translation import ugettext as _
+from openedx.core.djangolib.markup import ugettext as _
 from openedx.core.djangolib.js_utils import (
     dump_js_escaped_json, js_escaped_string
 )
 %>
+<%page expression_filter="h"/>
 <!doctype html>
 <!--[if lte IE 9]><html class="ie9 lte9" lang="${LANGUAGE_CODE}"><![endif]-->
 <!--[if !IE]><<!--><html lang="${LANGUAGE_CODE}"><!--<![endif]-->
@@ -16,9 +17,9 @@ from openedx.core.djangolib.js_utils import (
         <%block name="title"></%block> |
         % if context_course:
         <% ctx_loc = context_course.location %>
-        ${context_course.display_name_with_default_escaped | h} |
+        ${context_course.display_name_with_default} |
         % elif context_library:
-        ${context_library.display_name_with_default_escaped | h} |
+        ${context_library.display_name_with_default} |
         % endif
         ${settings.STUDIO_NAME}
     </title>
@@ -82,24 +83,24 @@ from openedx.core.djangolib.js_utils import (
     <script type="text/javascript">
       require(['common/js/common_libraries'], function () {
           require(['js/factories/base'], function () {
-               require(['js/models/course'], function(Course) {
-                   % if context_course:
-                       window.course = new Course({
-                           id: "${context_course.id | n, js_escaped_string}",
-                           name: "${context_course.display_name_with_default_escaped | h}",
-                           url_name: "${context_course.location.name | h}",
-                           org: "${context_course.location.org | h}",
-                           num: "${context_course.location.course | h}",
-                           display_course_number: "${context_course.display_coursenumber | n, js_escaped_string}",
-                           revision: "${context_course.location.revision | h}",
-                           self_paced: ${context_course.self_paced | n, dump_js_escaped_json}
-                       });
-                   % endif
-                   % if user.is_authenticated():
-                       require(['js/sock']);
-                   % endif
-                   <%block name='requirejs'></%block>
-               });
+              require(['js/models/course'], function(Course) {
+                  % if context_course:
+                      window.course = new Course({
+                          id: "${context_course.id | n, js_escaped_string}",
+                          name: "${context_course.display_name_with_default | n, js_escaped_string}",
+                          url_name: "${context_course.location.name | n, js_escaped_string}",
+                          org: "${context_course.location.org | n, js_escaped_string}",
+                          num: "${context_course.location.course | n, js_escaped_string}",
+                          display_course_number: "${context_course.display_coursenumber | n, js_escaped_string}",
+                          revision: "${context_course.location.revision | n, js_escaped_string}",
+                          self_paced: ${context_course.self_paced | n, dump_js_escaped_json}
+                      });
+                  % endif
+                  % if user.is_authenticated():
+                      require(['js/sock']);
+                  % endif
+                  <%block name='requirejs'></%block>
+              });
           });
       });
     </script>
diff --git a/cms/templates/js/certificate-details.underscore b/cms/templates/js/certificate-details.underscore
index 7bed814728..d78f27ea05 100644
--- a/cms/templates/js/certificate-details.underscore
+++ b/cms/templates/js/certificate-details.underscore
@@ -1,46 +1,46 @@
 <div class="collection-details wrapper-certificate">
     <header class="collection-header">
         <h3 class="sr title">
-            <%= name %>
+            <%- name %>
         </h3>
     </header>
 
    <ol class="collection-info certificate-info certificate-info-<% if(showDetails){ print('block'); } else { print('inline'); } %>">
      <% if (!_.isUndefined(id)) { %>
          <li class="sr certificate-id">
-            <span class="certificate-label"><%= gettext('ID') %>: </span>
-            <span class="certificate-value"><%= id %></span>
+            <span class="certificate-label"><%- gettext('ID') %>: </span>
+            <span class="certificate-value"><%- id %></span>
         </li>
      <% } %>
      <% if (showDetails) { %>
          <section class="certificate-settings course-details">
              <header>
-               <h2 class="title title-2"><%= gettext("Certificate Details") %></h2>
+               <h2 class="title title-2"><%- gettext("Certificate Details") %></h2>
              </header>
              <div class='certificate-info-section'>
                  <div class='course-title-section pull-left'>
                     <p class="actual-course-title">
-                            <span class="certificate-label"><%= gettext('Course Title') %>: </span>
-                            <span class="certificate-value"><%= course.get('name') %></span>
+                            <span class="certificate-label"><%- gettext('Course Title') %>: </span>
+                            <span class="certificate-value"><%- course.get('name') %></span>
                     </p>
                     <% if (course_title) { %>
                         <p class="course-title-override">
-                            <span class="certificate-label"><b><%= gettext('Course Title Override') %>: </b></span>
-                            <span class="certificate-value"><%= course_title %></span>
+                            <span class="certificate-label"><b><%- gettext('Course Title Override') %>: </b></span>
+                            <span class="certificate-value"><%- course_title %></span>
                         </p>
                     <% } %>
                  </div>
 
                 <div class='course-number-section pull-left'>
                     <p class="actual-course-number">
-                            <span class="certificate-label"><b><%= gettext('Course Number') %>: </b> </span>
-                            <span class="certificate-value"><%= course.get('num') %></span>
+                            <span class="certificate-label"><b><%- gettext('Course Number') %>: </b> </span>
+                            <span class="certificate-value"><%- course.get('num') %></span>
                     </p>
 
                     <% if (course.get('display_course_number')) { %>
                         <p class="course-number-override">
-                            <span class="certificate-label"><b><%= gettext('Course Number Override') %>: </b></span>
-                            <span class="certificate-value"><%= course.get('display_course_number') %></span>
+                            <span class="certificate-label"><b><%- gettext('Course Number Override') %>: </b></span>
+                            <span class="certificate-value"><%- course.get('display_course_number') %></span>
                         </p>
                     <% } %>
                 </div>
@@ -50,9 +50,9 @@
 
         <section class="certificate-settings signatories">
              <header>
-               <h2 class="title title-2"><%= gettext("Certificate Signatories") %></h2>
+               <h2 class="title title-2"><%- gettext("Certificate Signatories") %></h2>
              </header>
-             <p class="instructions"><%= gettext("It is strongly recommended that you include four or fewer signatories. If you include additional signatories, preview the certificate in Print View to ensure the certificate will print correctly on one page.") %></p>
+             <p class="instructions"><%- gettext("It is strongly recommended that you include four or fewer signatories. If you include additional signatories, preview the certificate in Print View to ensure the certificate will print correctly on one page.") %></p>
              <div class="signatory-details-list"></div>
         </section>
     <% } %>
@@ -61,10 +61,10 @@
     <ul class="actions certificate-actions">
         <% if (CMS.User.isGlobalStaff || !is_active) { %>
         <li class="action action-edit">
-            <button class="edit"><i class="icon fa fa-pencil" aria-hidden="true"></i> <%= gettext("Edit") %></button>
+            <button class="edit"><i class="icon fa fa-pencil" aria-hidden="true"></i> <%- gettext("Edit") %></button>
         </li>
-        <li class="action action-delete wrapper-delete-button" data-tooltip="<%= gettext('Delete') %>">
-            <button class="delete action-icon"><i class="icon fa fa-trash-o" aria-hidden="true"></i><span><%= gettext("Delete") %></span></button>
+        <li class="action action-delete wrapper-delete-button" data-tooltip="<%- gettext('Delete') %>">
+            <button class="delete action-icon"><i class="icon fa fa-trash-o" aria-hidden="true"></i><span><%- gettext("Delete") %></span></button>
         </li>
         <% } %>
     </ul>
diff --git a/cms/templates/js/certificate-editor.underscore b/cms/templates/js/certificate-editor.underscore
index 003951d91f..513113b805 100644
--- a/cms/templates/js/certificate-editor.underscore
+++ b/cms/templates/js/certificate-editor.underscore
@@ -2,52 +2,52 @@
     <div aria-live="polite">
     <% if (error && error.message) { %>
         <div class="certificate-edit-error message message-status message-status error is-shown" name="certificate-edit-error">
-          <%= gettext(error.message) %>
+          <%- gettext(error.message) %>
         </div>
     <% } %>
     </div>
     <div class="wrapper-form">
         <fieldset class="collection-fields certificate-fields">
-            <legend class="sr"><%= gettext("Certificate Information") %></legend>
+            <legend class="sr"><%- gettext("Certificate Information") %></legend>
             <div class="sr input-wrap field text required add-collection-name add-certificate-name <% if(error && error.attributes && error.attributes.name) { print('error'); } %>">
-                <label for="certificate-name-<%= uniqueId %>"><%= gettext("Certificate Name") %></label>
-                <input id="certificate-name-<%= uniqueId %>" class="collection-name-input input-text" name="certificate-name" type="text" placeholder="<%= gettext("Name of the certificate") %>" value="<%= name %>" aria-describedby="certificate-name-<%=uniqueId %>-tip" />
-                <span id="certificate-name-<%= uniqueId %>-tip" class="tip tip-stacked"><%= gettext("Name of the certificate") %></span>
+                <label for="certificate-name-<%- uniqueId %>"><%- gettext("Certificate Name") %></label>
+                <input id="certificate-name-<%- uniqueId %>" class="collection-name-input input-text" name="certificate-name" type="text" placeholder="<%- gettext("Name of the certificate") %>" value="<%- name %>" aria-describedby="certificate-name-<%-uniqueId %>-tip" />
+                <span id="certificate-name-<%- uniqueId %>-tip" class="tip tip-stacked"><%- gettext("Name of the certificate") %></span>
             </div>
             <div class="sr input-wrap field text add-certificate-description">
-                <label for="certificate-description-<%= uniqueId %>"><%= gettext("Description") %></label>
-                <textarea id="certificate-description-<%= uniqueId %>" class="certificate-description-input text input-text" name="certificate-description" placeholder="<%= gettext("Description of the certificate") %>" aria-describedby="certificate-description-<%=uniqueId %>-tip"><%= description %></textarea>
-                <span id="certificate-description-<%= uniqueId %>-tip" class="tip tip-stacked"><%= gettext("Description of the certificate") %></span>
+                <label for="certificate-description-<%- uniqueId %>"><%- gettext("Description") %></label>
+                <textarea id="certificate-description-<%- uniqueId %>" class="certificate-description-input text input-text" name="certificate-description" placeholder="<%- gettext("Description of the certificate") %>" aria-describedby="certificate-description-<%-uniqueId %>-tip"><%- description %></textarea>
+                <span id="certificate-description-<%- uniqueId %>-tip" class="tip tip-stacked"><%- gettext("Description of the certificate") %></span>
             </div>
             <header>
-              <h2 class="title title-2"><%= gettext("Certificate Details") %></h2>
+              <h2 class="title title-2"><%- gettext("Certificate Details") %></h2>
             </header>
             <div class="actual-course-title">
-                <span class="actual-course-title"><%= gettext("Course Title") %>: </span>
-                <span class="actual-title"><%= course.get('name') %></span>
+                <span class="actual-course-title"><%- gettext("Course Title") %>: </span>
+                <span class="actual-title"><%- course.get('name') %></span>
             </div>
             <div class="input-wrap field text add-certificate-course-title">
-                <label for="certificate-course-title-<%= uniqueId %>"><%= gettext("Course Title Override") %></label>
-                <input id="certificate-course-title-<%= uniqueId %>" class="certificate-course-title-input input-text" name="certificate-course-title" type="text" placeholder="<%= gettext("Course title") %>" value="<%= course_title %>" aria-describedby="certificate-course-title-<%=uniqueId %>-tip" />
-                <span id="certificate-course-title-<%= uniqueId %>-tip" class="tip tip-stacked"><%= gettext("Specify an alternative to the official course title to display on certificates. Leave blank to use the official course title.") %></span>
+                <label for="certificate-course-title-<%- uniqueId %>"><%- gettext("Course Title Override") %></label>
+                <input id="certificate-course-title-<%- uniqueId %>" class="certificate-course-title-input input-text" name="certificate-course-title" type="text" placeholder="<%- gettext("Course title") %>" value="<%- course_title %>" aria-describedby="certificate-course-title-<%-uniqueId %>-tip" />
+                <span id="certificate-course-title-<%- uniqueId %>-tip" class="tip tip-stacked"><%- gettext("Specify an alternative to the official course title to display on certificates. Leave blank to use the official course title.") %></span>
             </div>
         </fieldset>
          <header>
-            <h2 class="title title-2"><%= gettext("Certificate Signatories") %></h2>
+            <h2 class="title title-2"><%- gettext("Certificate Signatories") %></h2>
          </header>
-         <p class="instructions"><%= gettext("It is strongly recommended that you include four or fewer signatories. If you include additional signatories, preview the certificate in Print View to ensure the certificate will print correctly on one page.") %></p>
+         <p class="instructions"><%- gettext("It is strongly recommended that you include four or fewer signatories. If you include additional signatories, preview the certificate in Print View to ensure the certificate will print correctly on one page.") %></p>
         <div class="signatory-edit-list"> </div>
         <span>
-           <button class="action action-add-signatory" type="button"><%= gettext("Add Additional Signatory") %></button>
-           <span class="tip tip-stacked"><%= gettext("(Add signatories for a certificate)") %></span>
+           <button class="action action-add-signatory" type="button"><%- gettext("Add Additional Signatory") %></button>
+           <span class="tip tip-stacked"><%- gettext("(Add signatories for a certificate)") %></span>
         </span>
     </div>
     <div class="actions">
         <button class="action action-primary" type="submit"><% if (isNew) { print(gettext("Create")) } else { print(gettext("Save")) } %></button>
-        <button class="action action-secondary action-cancel"><%= gettext("Cancel") %></button>
+        <button class="action action-secondary action-cancel"><%- gettext("Cancel") %></button>
         <% if (!isNew && (CMS.User.isGlobalStaff || !is_active)) { %>
             <span class="wrapper-delete-button">
-                <a class="button action-delete delete" href="#"><%= gettext("Delete") %></a>
+                <a class="button action-delete delete" href="#"><%- gettext("Delete") %></a>
             </span>
         <% } %>
     </div>
diff --git a/cms/templates/js/edit-chapter.underscore b/cms/templates/js/edit-chapter.underscore
index 7671b62eed..66851249bb 100644
--- a/cms/templates/js/edit-chapter.underscore
+++ b/cms/templates/js/edit-chapter.underscore
@@ -1,14 +1,14 @@
-<div class="input-wrap field text required field-add-chapter-name chapter<%= order %>-name
+<div class="input-wrap field text required field-add-chapter-name chapter<%- order %>-name
     <% if (error && error.attributes && error.attributes.name) { print('error'); } %>">
-  <label for="chapter<%= order %>-name"><%= gettext("Chapter Name") %></label>
-  <input id="chapter<%= order %>-name" name="chapter<%= order %>-name" class="chapter-name short" placeholder="<%= _.str.sprintf(gettext("Chapter %s"), order) %>" value="<%= name %>" type="text">
-  <span class="tip tip-stacked"><%= gettext("provide the title/name of the chapter that will be used in navigating") %></span>
+  <label for="chapter<%- order %>-name"><%- gettext("Chapter Name") %></label>
+  <input id="chapter<%- order %>-name" name="chapter<%- order %>-name" class="chapter-name short" placeholder="<%- _.str.sprintf(gettext("Chapter %s"), order) %>" value="<%- name %>" type="text">
+  <span class="tip tip-stacked"><%- gettext("provide the title/name of the chapter that will be used in navigating") %></span>
 </div>
-<div class="input-wrap field text required field-add-chapter-asset chapter<%= order %>-asset
+<div class="input-wrap field text required field-add-chapter-asset chapter<%- order %>-asset
     <% if (error && error.attributes && error.attributes.asset_path) { print('error'); } %>">
-  <label for="chapter<%= order %>-asset-path"><%= gettext("Chapter Asset") %></label>
-  <input id="chapter<%= order %>-asset-path" name="chapter<%= order %>-asset-path" class="chapter-asset-path" placeholder="<%= _.str.sprintf(gettext("path/to/introductionToCookieBaking-CH%d.pdf"), order) %>" value="<%= asset_path %>" type="text" dir="ltr">
-  <span class="tip tip-stacked"><%= gettext("upload a PDF file or provide the path to a Studio asset file") %></span>
-<button class="action action-upload"><%= gettext("Upload PDF") %></button>
+  <label for="chapter<%- order %>-asset-path"><%- gettext("Chapter Asset") %></label>
+  <input id="chapter<%- order %>-asset-path" name="chapter<%- order %>-asset-path" class="chapter-asset-path" placeholder="<%- _.str.sprintf(gettext("path/to/introductionToCookieBaking-CH%d.pdf"), order) %>" value="<%- asset_path %>" type="text" dir="ltr">
+  <span class="tip tip-stacked"><%- gettext("upload a PDF file or provide the path to a Studio asset file") %></span>
+<button class="action action-upload"><%- gettext("Upload PDF") %></button>
 </div>
-<a href="" class="action action-close"><i class="icon fa fa-times-circle"></i> <span class="sr"><%= gettext("delete chapter") %></span></a>
+<a href="" class="action action-close"><i class="icon fa fa-times-circle"></i> <span class="sr"><%- gettext("delete chapter") %></span></a>
diff --git a/cms/templates/js/edit-textbook.underscore b/cms/templates/js/edit-textbook.underscore
index d7ce6256d0..fa42651d7d 100644
--- a/cms/templates/js/edit-textbook.underscore
+++ b/cms/templates/js/edit-textbook.underscore
@@ -2,27 +2,27 @@
   <div class="wrapper-form">
   <% if (error && error.message) { %>
     <div id="edit_textbook_error" class="message message-status message-status error is-shown" name="edit_textbook_error">
-      <%= gettext(error.message) %>
+      <%- gettext(error.message) %>
     </div>
   <% } %>
 
   <fieldset class="textbook-fields">
-    <legend class="sr"><%= gettext("Textbook information") %></legend>
+    <legend class="sr"><%- gettext("Textbook information") %></legend>
         <div class="input-wrap field text required add-textbook-name <% if(error && error.attributes && error.attributes.name) { print('error'); } %>">
-          <label for="textbook-name-input"><%= gettext("Textbook Name") %></label>
-          <input id="textbook-name-input" name="textbook-name" type="text" placeholder="<%= gettext("Introduction to Cookie Baking") %>" value="<%= name %>">
-          <span class="tip tip-stacked"><%= gettext("provide the title/name of the text book as you would like your students to see it") %></span>
+          <label for="textbook-name-input"><%- gettext("Textbook Name") %></label>
+          <input id="textbook-name-input" name="textbook-name" type="text" placeholder="<%- gettext("Introduction to Cookie Baking") %>" value="<%- name %>">
+          <span class="tip tip-stacked"><%- gettext("provide the title/name of the text book as you would like your students to see it") %></span>
         </div>
   </fieldset>
   <fieldset class="chapters-fields">
-    <legend class="sr"><%= gettext("Chapter information") %></legend>
+    <legend class="sr"><%- gettext("Chapter information") %></legend>
       <ol class="chapters list-input enum"></ol>
 
-    <button class="action action-add-chapter"><i class="icon fa fa-plus"></i> <%= gettext("Add a Chapter") %></button>
+    <button class="action action-add-chapter"><i class="icon fa fa-plus"></i> <%- gettext("Add a Chapter") %></button>
   </fieldset>
   </div>
   <div class="actions">
-    <button class="action action-primary" type="submit"><%= gettext("Save") %></button>
-    <button class="action action-secondary action-cancel"><%= gettext("Cancel") %></button>
+    <button class="action action-primary" type="submit"><%- gettext("Save") %></button>
+    <button class="action action-secondary action-cancel"><%- gettext("Cancel") %></button>
   </div>
 </form>
diff --git a/cms/templates/js/publish-xblock.underscore b/cms/templates/js/publish-xblock.underscore
index 8afcafa364..766cec8aa5 100644
--- a/cms/templates/js/publish-xblock.underscore
+++ b/cms/templates/js/publish-xblock.underscore
@@ -19,43 +19,43 @@ if (visibilityState === 'live') {
 
 var visibleToStaffOnly = visibilityState === 'staff_only';
 %>
-<div class="bit-publishing <%= visibilityClass %> <% if (releaseDate) { %>is-scheduled<% } %>">
-    <h3 class="bar-mod-title pub-status"><span class="sr"><%= gettext("Publishing Status") %></span>
-        <%= title %>
+<div class="bit-publishing <%- visibilityClass %> <% if (releaseDate) { %>is-scheduled<% } %>">
+    <h3 class="bar-mod-title pub-status"><span class="sr"><%- gettext("Publishing Status") %></span>
+        <%- title %>
     </h3>
 
     <div class="wrapper-last-draft bar-mod-content">
         <p class="copy meta">
             <% if (hasChanges && editedOn && editedBy) {
                 var message = gettext("Draft saved on %(last_saved_date)s by %(edit_username)s") %>
-                <%= interpolate(message, {
-                    last_saved_date: '<span class="date">' + editedOn + '</span>',
-                    edit_username: '<span class="user">' + editedBy + '</span>' }, true) %>
+                <%= interpolate(_.escape(message), {
+                    last_saved_date: '<span class="date">' + _.escape(editedOn) + '</span>',
+                    edit_username: '<span class="user">' + _.escape(editedBy) + '</span>' }, true) %>
             <% } else if (publishedOn && publishedBy) {
                 var message = gettext("Last published %(last_published_date)s by %(publish_username)s"); %>
-                <%= interpolate(message, {
-                    last_published_date: '<span class="date">' + publishedOn + '</span>',
-                    publish_username: '<span class="user">' + publishedBy + '</span>' }, true) %>
+                <%= interpolate(_.escape(message), {
+                    last_published_date: '<span class="date">' + _.escape(publishedOn) + '</span>',
+                    publish_username: '<span class="user">' + _.escape(publishedBy) + '</span>' }, true) %>
             <% } else { %>
-                <%= gettext("Previously published") %>
+                <%- gettext("Previously published") %>
             <% } %>
         </p>
     </div>
 
     <% if (!course.get('self_paced')) { %>
         <div class="wrapper-release bar-mod-content">
-            <h5 class="title"><%= releaseLabel %></h5>
+            <h5 class="title"><%- releaseLabel %></h5>
             <p class="copy">
                 <% if (releaseDate) { %>
-                    <span class="release-date"><%= releaseDate %></span>
+                    <span class="release-date"><%- releaseDate %></span>
                     <span class="release-with">
-                        <%= interpolate(
+                        <%- interpolate(
                             gettext('with %(release_date_from)s'), { release_date_from: releaseDateFrom }, true
                         ) %>
                     </span>
 
                 <% } else { %>
-                    <%= gettext("Unscheduled") %>
+                    <%- gettext("Unscheduled") %>
                 <% } %>
             </p>
         </div>
@@ -64,40 +64,40 @@ var visibleToStaffOnly = visibilityState === 'staff_only';
     <div class="wrapper-visibility bar-mod-content">
         <h5 class="title">
             <% if (released && published && !hasChanges) { %>
-                <%= gettext("Is Visible To:") %>
+                <%- gettext("Is Visible To:") %>
             <% } else { %>
-                <%= gettext("Will Be Visible To:") %>
+                <%- gettext("Will Be Visible To:") %>
             <% } %>
         </h5>
         <% if (visibleToStaffOnly) { %>
             <p class="visbility-copy copy">
-                <%= gettext("Staff Only") %>
+                <%- gettext("Staff Only") %>
                 <% if (!hasExplicitStaffLock) { %>
                     <span class="inherited-from">
-                        <%= interpolate(
+                        <%- interpolate(
                             gettext("with %(section_or_subsection)s"),{ section_or_subsection: staffLockFrom }, true
                         ) %>
                     </span>
                 <% } %>
             </p>
         <% } else { %>
-            <p class="visbility-copy copy"><%= gettext("Staff and Students") %></p>
+            <p class="visbility-copy copy"><%- gettext("Staff and Students") %></p>
         <% } %>
             <% if (hasContentGroupComponents) { %>
                 <p class="note-visibility">
                     <i class="icon fa fa-eye" aria-hidden="true"></i>
-                    <span class="note-copy"><%= gettext("Some content in this unit is visible only to particular content groups") %></span>
+                    <span class="note-copy"><%- gettext("Some content in this unit is visible only to particular content groups") %></span>
                 </p>
             <% } %>
         <ul class="actions-inline">
             <li class="action-inline">
-                <a href="" class="action-staff-lock" role="button" aria-pressed="<%= hasExplicitStaffLock %>">
+                <a href="" class="action-staff-lock" role="button" aria-pressed="<%- hasExplicitStaffLock %>">
                 <% if (hasExplicitStaffLock) { %>
                     <i class="icon fa fa-check-square-o" aria-hidden="true"></i>
                 <% } else { %>
                     <i class="icon fa fa-square-o" aria-hidden="true"></i>
                 <% } %>
-                <%= gettext('Hide from students') %>
+                <%- gettext('Hide from students') %>
             </a>
             </li>
         </ul>
@@ -107,12 +107,12 @@ var visibleToStaffOnly = visibilityState === 'staff_only';
         <ul class="action-list">
             <li class="action-item">
                 <a class="action-publish action-primary <% if (published && !hasChanges) { %>is-disabled<% } %>"
-                   href="" aria-disabled="<% if (published && !hasChanges) { %>true<% } else { %>false<% } %>" ><%= gettext("Publish") %>
+                   href="" aria-disabled="<% if (published && !hasChanges) { %>true<% } else { %>false<% } %>" ><%- gettext("Publish") %>
                 </a>
             </li>
             <li class="action-item">
                 <a class="action-discard action-secondary <% if (!published || !hasChanges) { %>is-disabled<% } %>"
-                   href="" aria-disabled="<% if (!published || !hasChanges) { %>true<% } else { %>false<% } %>"><%= gettext("Discard Changes") %>
+                   href="" aria-disabled="<% if (!published || !hasChanges) { %>true<% } else { %>false<% } %>"><%- gettext("Discard Changes") %>
                 </a>
             </li>
         </ul>
diff --git a/cms/templates/js/show-textbook.underscore b/cms/templates/js/show-textbook.underscore
index b758b40a51..ac303ba3a2 100644
--- a/cms/templates/js/show-textbook.underscore
+++ b/cms/templates/js/show-textbook.underscore
@@ -1,19 +1,19 @@
- <div class="view-textbook">
+<div class="view-textbook">
 
 <div class="wrap-textbook">
     <header>
-        <h3 class="textbook-title"><%= name %></h3>
+        <h3 class="textbook-title"><%- name %></h3>
     </header>
 
 <% if(chapters.length > 1) {%>
     <p><a href="#" class="chapter-toggle
         <% if(showChapters){ print('hide'); } else { print('show'); } %>-chapters">
         <i class="ui-toggle-expansion icon fa fa-caret-<% if(showChapters){ print('down'); } else { print('right'); } %>"></i>
-        <%= chapters.length %> PDF Chapters
+        <%- chapters.length %> PDF Chapters
     </a></p>
 <% } else if(chapters.length === 1) { %>
     <p dir="ltr">
-        <%= chapters.at(0).get("asset_path") %>
+        <%- chapters.at(0).get("asset_path") %>
     </p>
 <% } %>
 
@@ -22,8 +22,8 @@
 <ol class="chapters">
   <% chapters.each(function(chapter) { %>
     <li class="chapter">
-        <span class="chapter-name"><%= chapter.get('name') %></span>
-        <span class="chapter-asset-path"><%= chapter.get('asset_path') %></span>
+        <span class="chapter-name"><%- chapter.get('name') %></span>
+        <span class="chapter-asset-path"><%- chapter.get('asset_path') %></span>
     </li>
   <% }) %>
 </ol>
@@ -34,13 +34,13 @@
 
 <ul  class="actions textbook-actions">
     <li class="action action-view">
-        <a href="//<%= CMS.URL.LMS_BASE %>/courses/<%= course.id %>/pdfbook/<%= bookindex %>/" class="view"><%= gettext("View Live") %></a>
+        <a href="//<%- CMS.URL.LMS_BASE %>/courses/<%- course.id %>/pdfbook/<%- bookindex %>/" class="view"><%- gettext("View Live") %></a>
     </li>
     <li class="action action-edit">
-        <button class="edit"><%= gettext("Edit") %></button>
+        <button class="edit"><%- gettext("Edit") %></button>
     </li>
     <li class="action action-delete">
-        <button class="delete action-icon"><i class="icon fa fa-trash-o"></i><span><%= gettext("Delete") %></span></button>
+        <button class="delete action-icon"><i class="icon fa fa-trash-o"></i><span><%- gettext("Delete") %></span></button>
     </li>
 </ul>
 
diff --git a/cms/templates/js/signatory-details.underscore b/cms/templates/js/signatory-details.underscore
index d2eca1b178..8a0006f5c0 100644
--- a/cms/templates/js/signatory-details.underscore
+++ b/cms/templates/js/signatory-details.underscore
@@ -2,30 +2,30 @@
   <% if (CMS.User.isGlobalStaff || !certificate.get('is_active')) { %>
   <div class="actions certificate-actions signatory-panel-edit">
     <span class="action action-edit-signatory">
-      <a href="javascript:void(0);" class="edit-signatory"><i class="icon fa fa-pencil" aria-hidden="true"></i> <%= gettext("Edit") %></a>
+      <a href="javascript:void(0);" class="edit-signatory"><i class="icon fa fa-pencil" aria-hidden="true"></i> <%- gettext("Edit") %></a>
     </span>
   </div>
   <% } %>
-  <div class="signatory-panel-header"><%= gettext("Signatory") %> <%= signatory_number %>&nbsp;</div>
+  <div class="signatory-panel-header"><%- gettext("Signatory") %> <%- signatory_number %>&nbsp;</div>
   <div class="signatory-panel-body">
     <div>
         <div>
-          <span class="signatory-name-label"><b><%= gettext("Name") %>:</b>&nbsp;</span>
-          <span class="signatory-name-value"><%= name %></span>
+          <span class="signatory-name-label"><b><%- gettext("Name") %>:</b>&nbsp;</span>
+          <span class="signatory-name-value"><%- name %></span>
         </div>
         <div>
-          <span class="signatory-title-label"><b><%= gettext("Title") %>:</b>&nbsp;</span>
-          <span class="signatory-title-value"><%= title.replace(new RegExp('\r?\n','g'), '<br />') %></span>
+          <span class="signatory-title-label"><b><%- gettext("Title") %>:</b>&nbsp;</span>
+          <span class="signatory-title-value"><%= _.escape(title).replace(new RegExp('\r?\n','g'), '<br />') %></span>
         </div>
         <div>
-          <span class="signatory-organization-label"><b><%= gettext("Organization") %>:</b>&nbsp;</span>
-          <span class="signatory-organization-value"><%= organization %></span>
+          <span class="signatory-organization-label"><b><%- gettext("Organization") %>:</b>&nbsp;</span>
+          <span class="signatory-organization-value"><%- organization %></span>
         </div>
     </div>
     <div class="signatory-image">
       <% if (signature_image_path != "") { %>
             <div class="wrapper-signature-image">
-                <img class="signature-image" src="<%= signature_image_path %>" alt="<%= gettext('Signature Image') %>">
+                <img class="signature-image" src="<%- signature_image_path %>" alt="<%- gettext('Signature Image') %>">
             </div>
       <% } %>
     </div>
diff --git a/cms/templates/js/signatory-editor.underscore b/cms/templates/js/signatory-editor.underscore
index 0a2f3a4523..01a53188d9 100644
--- a/cms/templates/js/signatory-editor.underscore
+++ b/cms/templates/js/signatory-editor.underscore
@@ -2,48 +2,48 @@
        <% if (is_editing_all_collections && signatories_count > 1 && (total_saved_signatories > 1 || isNew) ) { %>
        <a class="signatory-panel-delete" href="#" data-tooltip="Delete">
           <i class="icon fa fa-trash-o" aria-hidden="true"></i>
-          <span class="sr action-button-text"><%= gettext("Delete") %></span>
+          <span class="sr action-button-text"><%- gettext("Delete") %></span>
        </a>
        <% } %>
-       <div class="signatory-panel-header"><%= gettext("Signatory") %> <%= signatory_number %></div>
+       <div class="signatory-panel-header"><%- gettext("Signatory") %> <%- signatory_number %></div>
        <div class="signatory-panel-body">
          <fieldset class="collection-fields signatory-fields">
-            <legend class="sr"><%= gettext("Certificate Signatory Configuration") %></legend>
+            <legend class="sr"><%- gettext("Certificate Signatory Configuration") %></legend>
             <div class="input-wrap field text add-signatory-name <% if(error && error.name) { print('error'); } %>">
-                <label for="signatory-name-<%= signatory_number %>"><%= gettext("Name ") %></label>
-                <input id="signatory-name-<%= signatory_number %>" class="collection-name-input input-text signatory-name-input" name="signatory-name" type="text" placeholder="<%= gettext("Name of the signatory") %>" value="<%= name %>"  aria-describedby="signatory-name-<%= signatory_number %>-tip" />
-                <span id="signatory-name-<%= signatory_number %>-tip" class="tip tip-stacked"><%= gettext("The name of this signatory as it should appear on certificates.") %></span>
+                <label for="signatory-name-<%- signatory_number %>"><%- gettext("Name ") %></label>
+                <input id="signatory-name-<%- signatory_number %>" class="collection-name-input input-text signatory-name-input" name="signatory-name" type="text" placeholder="<%- gettext("Name of the signatory") %>" value="<%- name %>"  aria-describedby="signatory-name-<%- signatory_number %>-tip" />
+                <span id="signatory-name-<%- signatory_number %>-tip" class="tip tip-stacked"><%- gettext("The name of this signatory as it should appear on certificates.") %></span>
                 <% if(error && error.name) { %>
-                  <span class="message-error"><%= error.name %></span>
+                  <span class="message-error"><%- error.name %></span>
                 <% } %>
             </div>
             <div class="input-wrap field text add-signatory-title <% if(error && error.title) { print('error'); } %>">
-                <label for="signatory-title-<%= signatory_number %>"><%= gettext("Title ") %></label>
-                <textarea id="signatory-title-<%= signatory_number %>" class="collection-name-input text input-text signatory-title-input" name="signatory-title" placeholder="<%= gettext("Title of the signatory") %>"  aria-describedby="signatory-title-<%= signatory_number %>-tip" ><%= title %></textarea>
-                <span id="signatory-title-<%= signatory_number %>-tip" class="tip tip-stacked"><%= gettext("Titles more than 100 characters may prevent students from printing their certificate on a single page.") %></span>
+                <label for="signatory-title-<%- signatory_number %>"><%- gettext("Title ") %></label>
+                <textarea id="signatory-title-<%- signatory_number %>" class="collection-name-input text input-text signatory-title-input" name="signatory-title" placeholder="<%- gettext("Title of the signatory") %>"  aria-describedby="signatory-title-<%- signatory_number %>-tip" ><%- title %></textarea>
+                <span id="signatory-title-<%- signatory_number %>-tip" class="tip tip-stacked"><%- gettext("Titles more than 100 characters may prevent students from printing their certificate on a single page.") %></span>
                 <% if(error && error.title) { %>
-                  <span class="message-error"><%= error.title %></span>
+                  <span class="message-error"><%- error.title %></span>
                 <% } %>
             </div>
             <div class="input-wrap field text add-signatory-organization <% if(error && error.organization) { print('error'); } %>">
-                <label for="signatory-organization-<%= signatory_number %>"><%= gettext("Organization ") %></label>
-                <input id="signatory-organization-<%= signatory_number %>" class="collection-name-input input-text signatory-organization-input" name="signatory-organization" type="text" placeholder="<%= gettext("Organization of the signatory") %>" value="<%= organization %>"  aria-describedby="signatory-organization-<%= signatory_number %>-tip" />
-                <span id="signatory-organization-<%= signatory_number %>-tip" class="tip tip-stacked"><%= gettext("The organization that this signatory belongs to, as it should appear on certificates.") %></span>
+                <label for="signatory-organization-<%- signatory_number %>"><%- gettext("Organization ") %></label>
+                <input id="signatory-organization-<%- signatory_number %>" class="collection-name-input input-text signatory-organization-input" name="signatory-organization" type="text" placeholder="<%- gettext("Organization of the signatory") %>" value="<%- organization %>"  aria-describedby="signatory-organization-<%- signatory_number %>-tip" />
+                <span id="signatory-organization-<%- signatory_number %>-tip" class="tip tip-stacked"><%- gettext("The organization that this signatory belongs to, as it should appear on certificates.") %></span>
                 <% if(error && error.organization) { %>
-                  <span class="message-error"><%= error.organization %></span>
+                  <span class="message-error"><%- error.organization %></span>
                 <% } %>
             </div>
             <div class="input-wrap field text add-signatory-signature">
-                <label for="signatory-signature-<%= signatory_number %>"><%= gettext("Signature Image") %></label>
+                <label for="signatory-signature-<%- signatory_number %>"><%- gettext("Signature Image") %></label>
                 <% if (signature_image_path != "") { %>
-                    <div class="current-signature-image"><span class="wrapper-signature-image"><img class="signature-image" src="<%= signature_image_path %>" alt="Signature Image"></span></div>
+                    <div class="current-signature-image"><span class="wrapper-signature-image"><img class="signature-image" src="<%- signature_image_path %>" alt="Signature Image"></span></div>
                 <% } %>
                 <div class="signature-upload-wrapper">
                   <div class="signature-upload-input-wrapper">
-                    <input id="signatory-signature-<%= signatory_number %>" class="collection-name-input input-text signatory-signature-input" name="signatory-signature-url" type="text" placeholder="<%= gettext("Path to Signature Image") %>" value="<%= signature_image_path %>"  aria-describedby="signatory-signature-<%= signatory_number %>-tip" readonly />
-                    <span id="signatory-signature-<%= signatory_number %>-tip" class="tip tip-stacked"><%= gettext("Image must be in PNG format") %></span>
+                    <input id="signatory-signature-<%- signatory_number %>" class="collection-name-input input-text signatory-signature-input" name="signatory-signature-url" type="text" placeholder="<%- gettext("Path to Signature Image") %>" value="<%- signature_image_path %>"  aria-describedby="signatory-signature-<%- signatory_number %>-tip" readonly />
+                    <span id="signatory-signature-<%- signatory_number %>-tip" class="tip tip-stacked"><%- gettext("Image must be in PNG format") %></span>
                   </div>
-                  <button type="button" class="action action-upload-signature"><%= gettext("Upload Signature Image") %></button>
+                  <button type="button" class="action action-upload-signature"><%- gettext("Upload Signature Image") %></button>
                 </div>
             </div>
          </fieldset>