diff --git a/xwiki-platform-core/xwiki-platform-flamingo/xwiki-platform-flamingo-skin/xwiki-platform-flamingo-skin-resources/src/main/resources/flamingo/delete.vm b/xwiki-platform-core/xwiki-platform-flamingo/xwiki-platform-flamingo-skin/xwiki-platform-flamingo-skin-resources/src/main/resources/flamingo/delete.vm
index 555b3a5a609b..c1a64fa27218 100644
--- a/xwiki-platform-core/xwiki-platform-flamingo/xwiki-platform-flamingo-skin/xwiki-platform-flamingo-skin-resources/src/main/resources/flamingo/delete.vm
+++ b/xwiki-platform-core/xwiki-platform-flamingo/xwiki-platform-flamingo-skin/xwiki-platform-flamingo-skin-resources/src/main/resources/flamingo/delete.vm
@@ -333,11 +333,11 @@
       </div>
       <input type="submit" class="btn btn-primary" value="$services.localization.render('yes')"/>
       #if("$!{request.xredirect}" != '')
-        #set($cancelUrl = "$request.xredirect")
+        #getSanitizedURLAttributeValue('a','href',$request.xredirect,$doc.getURL(),$cancelUrl)
       #else
-        #set($cancelUrl = $doc.getURL())
+        #set($cancelUrl = $escapetool.xml($doc.getURL()))
       #end
-      <a class="btn btn-default" href="$!{escapetool.xml(${cancelUrl})}">$services.localization.render('no')</a>
+      <a class="btn btn-default" href="$cancelUrl">$services.localization.render('no')</a>
     </form>
   #xwikimessageboxend()
 #end