diff --git a/wcfsetup/install/files/lib/acp/page/AttachmentListPage.class.php b/wcfsetup/install/files/lib/acp/page/AttachmentListPage.class.php
index cd3f824e6c0..0edda67d77f 100644
--- a/wcfsetup/install/files/lib/acp/page/AttachmentListPage.class.php
+++ b/wcfsetup/install/files/lib/acp/page/AttachmentListPage.class.php
@@ -2,7 +2,9 @@
 
 namespace wcf\acp\page;
 
+use wcf\data\object\type\ObjectTypeCache;
 use wcf\page\AbstractGridViewPage;
+use wcf\system\database\util\PreparedStatementConditionBuilder;
 use wcf\system\gridView\admin\AttachmentGridView;
 use wcf\system\WCF;
 
@@ -48,14 +50,34 @@ public function assignVariables()
      */
     private function getAttachmentStats(): array
     {
-        $sql = "SELECT  COUNT(*) AS count,
-                        COALESCE(SUM(file.fileSize), 0) AS size,
-                        COALESCE(SUM(downloads), 0) AS downloads
-                FROM    wcf1_attachment attachment
+        $objectTypeIDs = [];
+        foreach (ObjectTypeCache::getInstance()->getObjectTypes('com.woltlab.wcf.attachment.objectType') as $objectType) {
+            if (!$objectType->private) {
+                $objectTypeIDs[] = $objectType->objectTypeID;
+            }
+        }
+
+        if ($objectTypeIDs === []) {
+            return [
+                'count' => 0,
+                'size' => 0,
+                'downloads' => 0,
+            ];
+        }
+
+        $conditionBuilder = new PreparedStatementConditionBuilder();
+        $conditionBuilder->add('attachment.objectTypeID IN (?)', [$objectTypeIDs]);
+        $conditionBuilder->add('attachment.tmpHash = ?', ['']);
+
+        $sql = "SELECT      COUNT(*) AS count,
+                            COALESCE(SUM(file.fileSize), 0) AS size,
+                            COALESCE(SUM(downloads), 0) AS downloads
+                FROM        wcf1_attachment attachment
                 LEFT JOIN   wcf1_file file
-                ON          (file.fileID = attachment.fileID)";
+                ON          (file.fileID = attachment.fileID)
+                " . $conditionBuilder;
         $statement = WCF::getDB()->prepare($sql);
-        $statement->execute();
+        $statement->execute($conditionBuilder->getParameters());
 
         return $statement->fetchArray();
     }
diff --git a/wcfsetup/install/files/lib/system/gridView/admin/AttachmentGridView.class.php b/wcfsetup/install/files/lib/system/gridView/admin/AttachmentGridView.class.php
index 5d6d29d73c5..30778336186 100644
--- a/wcfsetup/install/files/lib/system/gridView/admin/AttachmentGridView.class.php
+++ b/wcfsetup/install/files/lib/system/gridView/admin/AttachmentGridView.class.php
@@ -6,11 +6,14 @@
 use wcf\data\attachment\AdministrativeAttachment;
 use wcf\data\attachment\AdministrativeAttachmentList;
 use wcf\data\DatabaseObject;
+use wcf\data\object\type\ObjectTypeCache;
 use wcf\event\gridView\admin\AttachmentGridViewInitialized;
+use wcf\system\database\util\PreparedStatementConditionBuilder;
 use wcf\system\gridView\AbstractGridView;
 use wcf\system\gridView\GridViewColumn;
 use wcf\system\gridView\GridViewRowLink;
 use wcf\system\gridView\renderer\AbstractColumnRenderer;
+use wcf\system\gridView\renderer\DefaultColumnRenderer;
 use wcf\system\gridView\renderer\FilesizeColumnRenderer;
 use wcf\system\gridView\renderer\ILinkColumnRenderer;
 use wcf\system\gridView\renderer\NumberColumnRenderer;
@@ -92,6 +95,27 @@ public function getClasses(): string
                 ->unsafeDisableEncoding()
                 ->renderer(new TruncatedTextColumnRenderer())
                 ->sortable(sortByDatabaseColumn: 'file_table.filename'),
+            GridViewColumn::for('container')
+                ->label('wcf.acp.attachment.content')
+                ->renderer(
+                    new class extends DefaultColumnRenderer implements ILinkColumnRenderer {
+                        #[\Override]
+                        public function render(mixed $value, DatabaseObject $row): string
+                        {
+                            \assert($row instanceof AdministrativeAttachment);
+
+                            if ($row->getContainerObject() === null) {
+                                return '';
+                            }
+
+                            return \sprintf(
+                                '<a href="%s">%s</a>',
+                                StringUtil::encodeHTML($row->getContainerObject()->getLink()),
+                                StringUtil::encodeHTML($row->getContainerObject()->getTitle())
+                            );
+                        }
+                    }
+                ),
             GridViewColumn::for('username')
                 ->label('wcf.user.username')
                 ->filter(new UserFilter('username', 'wcf.user.username', 'user_table.userID'))
@@ -109,13 +133,18 @@ public function render(mixed $value, DatabaseObject $row): string
                             if (WCF::getSession()->getPermission('admin.user.canEditUser')) {
                                 return \sprintf(
                                     '<a href="%s">%s</a>',
-                                    LinkHandler::getInstance()->getControllerLink(UserEditForm::class, [
-                                        'id' => $row->userID,
-                                    ]),
-                                    $row->username
+                                    StringUtil::encodeHTML(
+                                        LinkHandler::getInstance()->getControllerLink(
+                                            UserEditForm::class,
+                                            [
+                                                'id' => $row->userID,
+                                            ]
+                                        )
+                                    ),
+                                    StringUtil::encodeHTML($row->username)
                                 );
                             } else {
-                                return $row->username;
+                                return StringUtil::encodeHTML($row->username);
                             }
                         }
                     }
@@ -163,16 +192,26 @@ public function render(mixed $value, DatabaseObject $row): string
      */
     private function getAvailableFileTypes(): array
     {
+        $objectTypeIDs = $this->getAvailableObjectTypeIDs();
+        if ($objectTypeIDs === []) {
+            return [];
+        }
+
+        $conditionBuilder = new PreparedStatementConditionBuilder();
+        $conditionBuilder->add('attachment.fileID IS NOT NULL');
+        $conditionBuilder->add('attachment.objectTypeID IN (?)', [$objectTypeIDs]);
+        $conditionBuilder->add('attachment.tmpHash = ?', ['']);
+
         $sql = "SELECT    DISTINCT file_table.mimeType
                 FROM      wcf1_attachment attachment
                 LEFT JOIN wcf1_file file_table
                 ON        (file_table.fileID = attachment.fileID)
-                WHERE     attachment.fileID IS NOT NULL";
+                " . $conditionBuilder;
         $statement = WCF::getDB()->prepare($sql);
-        $statement->execute();
+        $statement->execute($conditionBuilder->getParameters());
         $fileTypes = $statement->fetchAll(\PDO::FETCH_COLUMN);
 
-        \ksort($fileTypes);
+        \sort($fileTypes);
 
         return \array_combine($fileTypes, $fileTypes);
     }
@@ -186,7 +225,17 @@ public function isAccessible(): bool
     #[\Override]
     protected function createObjectList(): AdministrativeAttachmentList
     {
-        return new AdministrativeAttachmentList();
+        $list = new AdministrativeAttachmentList();
+
+        $objectTypeIDs = $this->getAvailableObjectTypeIDs();
+        if ($objectTypeIDs !== []) {
+            $list->getConditionBuilder()->add('attachment.objectTypeID IN (?)', [$objectTypeIDs]);
+        } else {
+            $list->getConditionBuilder()->add('1=0');
+        }
+        $list->getConditionBuilder()->add('attachment.tmpHash = ?', ['']);
+
+        return $list;
     }
 
     #[\Override]
@@ -194,4 +243,19 @@ protected function getInitializedEvent(): AttachmentGridViewInitialized
     {
         return new AttachmentGridViewInitialized($this);
     }
+
+    /**
+     * @return list<int>
+     */
+    private function getAvailableObjectTypeIDs(): array
+    {
+        $objectTypeIDs = [];
+        foreach (ObjectTypeCache::getInstance()->getObjectTypes('com.woltlab.wcf.attachment.objectType') as $objectType) {
+            if (!$objectType->private) {
+                $objectTypeIDs[] = $objectType->objectTypeID;
+            }
+        }
+
+        return $objectTypeIDs;
+    }
 }
diff --git a/wcfsetup/install/files/lib/system/interaction/admin/AttachmentInteractions.class.php b/wcfsetup/install/files/lib/system/interaction/admin/AttachmentInteractions.class.php
index 457f2b53300..691d50ffde6 100644
--- a/wcfsetup/install/files/lib/system/interaction/admin/AttachmentInteractions.class.php
+++ b/wcfsetup/install/files/lib/system/interaction/admin/AttachmentInteractions.class.php
@@ -3,14 +3,10 @@
 namespace wcf\system\interaction\admin;
 
 use wcf\data\attachment\AdministrativeAttachment;
-use wcf\data\DatabaseObject;
 use wcf\event\interaction\admin\AttachmentInteractionCollecting;
 use wcf\system\event\EventHandler;
-use wcf\system\interaction\AbstractInteraction;
 use wcf\system\interaction\AbstractInteractionProvider;
 use wcf\system\interaction\DeleteInteraction;
-use wcf\system\WCF;
-use wcf\util\StringUtil;
 
 /**
  * Interaction provider for attachments.
@@ -26,22 +22,6 @@ public function __construct()
     {
         $this->addInteractions([
             new DeleteInteraction('core/attachments/%s'),
-            new class(
-                'goToContent',
-                static fn(AdministrativeAttachment $object) => $object->getContainerObject() !== null
-            ) extends AbstractInteraction {
-                #[\Override]
-                public function render(DatabaseObject $object): string
-                {
-                    \assert($object instanceof AdministrativeAttachment);
-
-                    return \sprintf(
-                        '<a href="%s">%s</a>',
-                        StringUtil::encodeHTML($object->getContainerObject()->getLink()),
-                        WCF::getLanguage()->get('wcf.acp.attachment.button.goToContent')
-                    );
-                }
-            }
         ]);
 
         EventHandler::getInstance()->fire(
diff --git a/wcfsetup/install/lang/de.xml b/wcfsetup/install/lang/de.xml
index 77454eadaa1..85f6e17afa4 100644
--- a/wcfsetup/install/lang/de.xml
+++ b/wcfsetup/install/lang/de.xml
@@ -113,7 +113,7 @@
 	<category name="wcf.acp.attachment">
 		<item name="wcf.acp.attachment.list"><![CDATA[Dateianhänge]]></item>
 		<item name="wcf.acp.attachment.stats"><![CDATA[<ul class="inlineList dotSeparated"><li>{#$stats.count} {if $stats.count == 1}Dateianhang{else}Dateianhänge{/if}</li><li>{@$stats.size|filesize}</li><li>{#$stats.downloads} Download{if $stats.downloads != 1}s{/if}</li></ul>]]></item>
-		<item name="wcf.acp.attachment.button.goToContent"><![CDATA[Zum Inhalt gehen]]></item>
+		<item name="wcf.acp.attachment.content"><![CDATA[Inhalt]]></item>
 	</category>
 	<category name="wcf.acp.bbcode">
 		<item name="wcf.acp.bbcode.add"><![CDATA[BBCode hinzufügen]]></item>
@@ -5731,5 +5731,6 @@ Erlaubte Dateiendungen: {', '|implode:$allowedFileExtensions}]]></item>
 	<item name="wcf.user.profileHits.hitsPerDay"/>
 	<item name="wcf.user.avatar.type.none"/>
 	<item name="wcf.user.avatar.type.custom"/>
+	<item name="wcf.acp.attachment.button.goToContent"/>
 </delete>
 </language>
diff --git a/wcfsetup/install/lang/en.xml b/wcfsetup/install/lang/en.xml
index a6ffdbd068c..d50ba462e58 100644
--- a/wcfsetup/install/lang/en.xml
+++ b/wcfsetup/install/lang/en.xml
@@ -113,7 +113,7 @@
 	<category name="wcf.acp.attachment">
 		<item name="wcf.acp.attachment.list"><![CDATA[Attachments]]></item>
 		<item name="wcf.acp.attachment.stats"><![CDATA[<ul class="inlineList dotSeparated"><li>{#$stats.count} Attachment{if $stats.count != 1}s{/if}</li><li>{@$stats.size|filesize}</li><li>{#$stats.downloads} Download{if $stats.downloads != 1}s{/if}</li></ul>]]></item>
-		<item name="wcf.acp.attachment.button.goToContent"><![CDATA[Go to Related Content]]></item>
+		<item name="wcf.acp.attachment.content"><![CDATA[Related Content]]></item>
 	</category>
 	<category name="wcf.acp.bbcode">
 		<item name="wcf.acp.bbcode.add"><![CDATA[Add BBCode]]></item>
@@ -5733,5 +5733,6 @@ Allowed extensions: {', '|implode:$allowedFileExtensions}]]></item>
 	<item name="wcf.user.profileHits.hitsPerDay"/>
 	<item name="wcf.user.avatar.type.none"/>
 	<item name="wcf.user.avatar.type.custom"/>
+	<item name="wcf.acp.attachment.button.goToContent"/>
 </delete>
 </language>