diff --git a/interface/lib/classes/plugin_listview.inc.php b/interface/lib/classes/plugin_listview.inc.php
index bd0aa0e160105701a956f69780c95daa6b18dc2a..ced308b2e5a23f57bd1962d7a5e5df9337fac7b6 100644
--- a/interface/lib/classes/plugin_listview.inc.php
+++ b/interface/lib/classes/plugin_listview.inc.php
@@ -123,6 +123,10 @@ class plugin_listview extends plugin_base {
 		$lng_file = "lib/lang/".$app->functions->check_language($_SESSION["s"]["language"])."_".$app->listform->listDef['name']."_list.lng";
 		include $lng_file;
 		$listTpl->setVar($wb);
+		
+		$csrf_token = $app->auth->csrf_token_get($app->listform->listDef['name']);
+		$_csrf_id = $csrf_token['csrf_id'];
+		$_csrf_key = $csrf_token['csrf_key'];
 
 
 		// Get the data
@@ -157,6 +161,10 @@ class plugin_listview extends plugin_base {
 				// The variable "id" contains always the index field
 				$rec["id"] = $rec[$idx_key];
 				$rec["delete_confirmation"] = $wb['delete_confirmation'];
+				
+				// CSRF Token
+				$rec["csrf_id"] = $_csrf_id;
+				$rec["csrf_key"] = $_csrf_key;
 
 				$records_new[] = $rec;
 			}
diff --git a/interface/web/admin/templates/remote_user_list.htm b/interface/web/admin/templates/remote_user_list.htm
index de65c64536cabab9d86d2286d7889ed2cc6e0f3c..7189dc20df8cc3bb1e8d4ef3d632d15a4104efdc 100644
--- a/interface/web/admin/templates/remote_user_list.htm
+++ b/interface/web/admin/templates/remote_user_list.htm
@@ -33,7 +33,7 @@
                             <td><a href="#" data-load-content="admin/remote_user_edit.php?id={tmpl_var name='remote_userid'}">{tmpl_var name="remote_userid"}</a></td>
                             <td><a href="#" data-load-content="admin/remote_user_edit.php?id={tmpl_var name='remote_userid'}">{tmpl_var name="remote_username"}</a></td>
                             <td class="text-right">
-                                <a class="btn btn-default formbutton-danger formbutton-narrow" href="javascript: ISPConfig.confirm_action('admin/remote_user_del.php?id={tmpl_var name='remote_userid'}&phpsessid={tmpl_var name='phpsessid'}','{tmpl_var name='delete_confirmation'}');"><span class="icon icon-delete"></span></a>
+                                <a class="btn btn-default formbutton-danger formbutton-narrow" href="javascript: ISPConfig.confirm_action('admin/remote_user_del.php?id={tmpl_var name='remote_userid'}&_csrf_id={tmpl_var name='csrf_id'}&_csrf_key={tmpl_var name='csrf_key'}&phpsessid={tmpl_var name='phpsessid'}','{tmpl_var name='delete_confirmation'}');"><span class="icon icon-delete"></span></a>
                             </td>
                         </tr>
                     </tmpl_loop>