Indeed it has.
Thanks for your help and fast support.
Have a nice day.
It seems like
" results in some issues if it gets used within category-description or -title because it doesn't get escaped when showing within admin-page even so it works correct on user-scope.
"><a>test</a> within the description or title...
Looks like we need
data.title = validator.sanitize(data.title).escape(); like we do for topic titles.