diff --git a/app/helpers/rb_common_helper.rb b/app/helpers/rb_common_helper.rb
index b93cdb2926..9363b066e7 100644
--- a/app/helpers/rb_common_helper.rb
+++ b/app/helpers/rb_common_helper.rb
@@ -185,7 +185,7 @@ module RbCommonHelper
                    {},
                    class: 'show_burndown_chart button')
 
-    ret += javascript_tag "
+    ret += nonced_javascript_tag "
             jQuery(document).ready(function(){
               var burndown = RB.Factory.initialize(RB.Burndown, jQuery('.show_burndown_chart'));
               burndown.setSprintId(#{sprint.id});
diff --git a/config/locales/en.yml b/config/locales/en.yml
index ee763ab5ef..b753f17cc7 100644
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -163,6 +163,7 @@ en:
   label_stories_tasks: "Stories/Tasks"
   label_task_board: "Task board"
   label_version_setting: "Versions"
+  label_version: 'Version'
   label_webcal: "Webcal Feed"
   label_wiki: "Wiki"
 
diff --git a/lib/open_project/backlogs/hooks.rb b/lib/open_project/backlogs/hooks.rb
index a11540c5b0..86721ca094 100644
--- a/lib/open_project/backlogs/hooks.rb
+++ b/lib/open_project/backlogs/hooks.rb
@@ -93,7 +93,7 @@ module OpenProject::Backlogs::Hooks
 
         # This wouldn't be necesary if the schedules plugin didn't disable the
         # contextual hook
-        snippet += javascript_tag(<<-JS)
+        snippet += nonced_javascript_tag(<<-JS)
           (function ($) {
             $(document).ready(function() {
               $('#edit_wiki_page_action').detach().appendTo("div.contextual");
diff --git a/lib/open_project/backlogs/patches/projects_controller_patch.rb b/lib/open_project/backlogs/patches/projects_controller_patch.rb
index e11db34e30..ff7600f919 100644
--- a/lib/open_project/backlogs/patches/projects_controller_patch.rb
+++ b/lib/open_project/backlogs/patches/projects_controller_patch.rb
@@ -58,7 +58,7 @@ module OpenProject::Backlogs::Patches::ProjectsControllerPatch
 
       flash[:notice] = l(:notice_successful_update)
 
-      redirect_to action: 'settings', id: @project, tab: 'backlogs_settings'
+      redirect_to controller: '/project_settings', action: 'show', id: @project, tab: 'backlogs_settings'
     end
 
     def rebuild_positions
@@ -73,7 +73,7 @@ module OpenProject::Backlogs::Patches::ProjectsControllerPatch
       logger.error($!)
       logger.error($@)
 
-      redirect_to action: 'settings', id: @project, tab: 'backlogs_settings'
+      redirect_to controller: '/project_settings', action: 'show', id: @project, tab: 'backlogs_settings'
     end
   end
 end
diff --git a/spec/controllers/versions_controller_spec.rb b/spec/controllers/versions_controller_spec.rb
index aeaa9b1a1d..1d53401e7a 100644
--- a/spec/controllers/versions_controller_spec.rb
+++ b/spec/controllers/versions_controller_spec.rb
@@ -57,7 +57,7 @@ describe VersionsController, type: :controller do
       patch 'update', params: @params
       @version.reload
 
-      expect(response).to redirect_to controller: '/projects', action: 'settings', tab: 'versions', id: @project
+      expect(response).to redirect_to controller: '/project_settings', action: 'show', tab: 'versions', id: @project
       expect(@version.name).to eq(@oldVersionName)
     end
 
@@ -66,7 +66,7 @@ describe VersionsController, type: :controller do
       patch 'update', params: @params
       @version.reload
 
-      expect(response).to redirect_to controller: '/projects', action: 'settings', tab: 'versions', id: @version.project
+      expect(response).to redirect_to controller: '/project_settings', action: 'show', tab: 'versions', id: @version.project
       expect(@version.name).to eq(@newVersionName)
     end
   end