diff --git a/app/api/views/alias.py b/app/api/views/alias.py
index d1904071..35b0cd6b 100644
--- a/app/api/views/alias.py
+++ b/app/api/views/alias.py
@@ -291,7 +291,8 @@ def update_alias(alias_id):
 changed = True
 if "name" in data:
- new_name = data.get("name")
+ # to make sure alias name doesn't contain linebreak
+ new_name = data.get("name").replace("\n", "")
 alias.name = new_name
 changed = True
diff --git a/cron.py b/cron.py
index 9577f24d..e6a9a875 100644
--- a/cron.py
+++ b/cron.py
@@ -380,6 +380,9 @@ def sanity_check():
 if alias.email.lower().strip().replace(" ", "") != alias.email:
 LOG.exception("Alias %s email not sanitized", alias)
+ if alias.name and "\n" in alias.name:
+ LOG.exception("Alias %s name contains linebreak %s", alias, alias.name)
+
 for contact in Contact.query.all():
 if contact.reply_email.lower().strip().replace(" ", "") != contact.reply_email:
 LOG.exception("Contact %s reply-email not sanitized", contact)
diff --git a/tests/api/test_alias.py b/tests/api/test_alias.py
index dc9c58af..18bffeec 100644
--- a/tests/api/test_alias.py
+++ b/tests/api/test_alias.py
@@ -354,7 +354,16 @@ def test_update_alias_name(flask_client):
 headers={"Authentication": api_key.code},
 json={"name": "Test Name"},
 )
+ assert r.status_code == 200
+ alias = Alias.get(alias.id)
+ assert alias.name == "Test Name"
+ # update name with linebreak
+ r = flask_client.put(
+ url_for("api.update_alias", alias_id=alias.id),
+ headers={"Authentication": api_key.code},
+ json={"name": "Test \nName"},
+ )
 assert r.status_code == 200
 alias = Alias.get(alias.id)
 assert alias.name == "Test Name"
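Review bot: `data.get("name").replace("\n", "")` in `update_alias` raises AttributeError when the client sends `"name": null` or any non-string value, which the old `data.get("name")` accepted, so a request that presumably used to clear the name now ends in a server error. The filter also removes only LF: a bare `\r` survives, and if the name is later placed in a mail header or a log line (not visible here) a carriage return still acts as a line break for many parsers; the `"\n" in alias.name` check added in cron.py has the same gap. Consider `new_name = data.get("name")` followed by `if new_name: new_name = new_name.replace("\r", "").replace("\n", "")`. The body of update_alias starts and ends outside the hunk.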
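Review bot: The new `LOG.exception` call in `sanity_check` formats `alias.name` with `%s`, so the very linebreak it reports is written into the log and splits the record across lines; that makes the entry harder to parse and lets a stored name produce text that looks like a separate log line. Use `%r` for that argument: `LOG.exception("Alias %s name contains linebreak %r", alias, alias.name)`. If rendering `alias` itself includes the name (its string form is not visible here), the same applies to the first argument. sanity_check continues outside the hunk.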
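Review bot: The linebreak case in `test_update_alias_name` expects `"Test Name"`, which is already the stored value from the preceding request, so the final assertion would still pass if the second PUT changed nothing. Send a name whose sanitized form differs from the current one, e.g. `json={"name": "New \nName"}` with `assert alias.name == "New Name"`. A case for `"\r\n"` and one for `"name": None` would pin the remaining inputs the endpoint has to handle. The test function starts outside the hunk.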