diff --git a/package.json b/package.json
index f6a49d43..7c5de511 100644
--- a/package.json
+++ b/package.json
@@ -7,6 +7,7 @@
   "private": true,
   "dependencies": {
     "@hcaptcha/react-hcaptcha": "^0.3.9",
+    "@types/dompurify": "^2.4.0",
     "@types/history": "^4.7.5",
     "@types/react": "^16.9.20",
     "@types/react-dom": "^16.9.5",
@@ -19,6 +20,7 @@
     "canvas-confetti": "^1.5.1",
     "connected-react-router": "^6.7.0",
     "crypto-js": "^4.0.0",
+    "dompurify": "^2.4.3",
     "dotenv": "^8.2.0",
     "express": "^4.17.1",
     "history": "^4.10.1",
diff --git a/ui/src/components/Comments/index.tsx b/ui/src/components/Comments/index.tsx
index af2b51c5..98115f52 100644
--- a/ui/src/components/Comments/index.tsx
+++ b/ui/src/components/Comments/index.tsx
@@ -1,4 +1,5 @@
 import * as React from 'react'
+import DOMPurify from 'dompurify'
 
 import './styles.scss'
 
@@ -140,8 +141,8 @@ export default class Comments extends React.PureComponent {
     }
     if(node.comment) {
-      const summary = Comments.resolveLanguageTaggedValues(node.comment.summary);
-      const content = Comments.resolveLanguageTaggedValues(node.comment.content);
+      const summary = node.comment.summary && DOMPurify.sanitize(Comments.resolveLanguageTaggedValues(node.comment.summary));
+      const content = node.comment.content && DOMPurify.sanitize(Comments.resolveLanguageTaggedValues(node.comment.content));
       stateComment = {
         ...stateComment,
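Review bot: The default `dompurify` import added here silently degrades to a pass-through when no DOM is available: with no `window.document`, `DOMPurify.isSupported` is false and `DOMPurify.sanitize(dirty)` returns `dirty` unchanged, so the `summary`/`content` sanitization this import serves further down the file would not happen on a server-rendered path. `express` is listed in package.json, so server rendering may be in play (not verifiable from this diff); I would fail loudly rather than render unsanitized, e.g. `if (!DOMPurify.isSupported) throw new Error('DOMPurify needs a DOM (window/jsdom); comment HTML would otherwise be rendered unsanitized');` next to the import, or construct the instance from a `jsdom` window on the server. Separately, `sanitize` is called with the default profile, which allows a broad tag set for user-authored comments; a narrow allowlist is the usual choice, e.g. `DOMPurify.sanitize(html, { ALLOWED_TAGS: ['p', 'a', 'b', 'i', 'em', 'strong', 'code', 'pre', 'ul', 'ol', 'li', 'br'], ALLOWED_ATTR: ['href'] })`. The import hunk is complete, but the `sanitize` calls live in the later hunk whose end lies outside this view, so how `summary`/`content` are ultimately rendered cannot be confirmed here.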