If you check out https://explorer.e.cash/address/ecash:qz2708636snqhsxu8wnlka78h6fdp77ar59jrf5035
you can see the coins dropdowns for the tokens dont work and there is some data printed to the screen at the bottom
With Tobias's help we figured out this was due to a token name with a <script> tag in it. or an improper closing </script>
tag causing the display issue probably. But also could be possible avenue for a script injection
Adding a replace for '<' and '>' to their hexadecimal forms to prevent any unwanted html interpretation