diff --git a/apps/student/build.gradle b/apps/student/build.gradle
index cf9001d443..75af410e7b 100644
--- a/apps/student/build.gradle
+++ b/apps/student/build.gradle
@@ -58,7 +58,7 @@ android {
 applicationId "com.instructure.candroid"
 minSdkVersion Versions.MIN_SDK
 targetSdkVersion Versions.TARGET_SDK
- versionCode = 219
+ versionCode = 220
 versionName = '6.9.1'
 vectorDrawables.useSupportLibrary = true
diff --git a/apps/teacher/build.gradle b/apps/teacher/build.gradle
index fa7eba041f..6513c3e226 100644
--- a/apps/teacher/build.gradle
+++ b/apps/teacher/build.gradle
@@ -41,7 +41,7 @@ android {
 defaultConfig {
 minSdkVersion Versions.MIN_SDK
 targetSdkVersion Versions.TARGET_SDK
- versionCode = 32
+ versionCode = 33
 versionName = '1.11.2'
 vectorDrawables.useSupportLibrary = true
 multiDexEnabled true
diff --git a/libs/pandautils/build.gradle b/libs/pandautils/build.gradle
index 760b83467e..7753354556 100644
--- a/libs/pandautils/build.gradle
+++ b/libs/pandautils/build.gradle
@@ -117,6 +117,7 @@ dependencies {
 api ('com.davemorrissey.labs:subsampling-scale-image-view:3.9.0') {
 exclude group: "androidx.exifinterface"
 }
+ implementation 'com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer:20200713.1'
 /* Crashlytics */
 implementation(Libs.CRASHLYTICS) {
diff --git a/libs/pandautils/src/main/java/com/instructure/pandautils/discussions/DiscussionEntryHtmlConverter.kt b/libs/pandautils/src/main/java/com/instructure/pandautils/discussions/DiscussionEntryHtmlConverter.kt
index c7e7a8be34..292d7836ab 100644
--- a/libs/pandautils/src/main/java/com/instructure/pandautils/discussions/DiscussionEntryHtmlConverter.kt
+++ b/libs/pandautils/src/main/java/com/instructure/pandautils/discussions/DiscussionEntryHtmlConverter.kt
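Review bot: The sanitizer is added as a hard-coded coordinate, `implementation 'com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer:20200713.1'`, while the Crashlytics line two lines below reads its coordinate from `Libs`; keeping this security-relevant library's version next to the other pinned versions makes future upgrades of it a one-place change. Releases of this artifact from before late 2021 also appear to declare Guava as a transitive dependency, so it is worth checking the resolved dependency tree for a duplicate or conflicting Guava version in the Android build before shipping. The `dependencies` block continues outside the hunk.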
@@ -24,6 +24,7 @@ import com.instructure.canvasapi2.utils.localized
 import com.instructure.canvasapi2.utils.toDate
 import com.instructure.pandautils.BuildConfig
 import com.instructure.pandautils.R
+import org.owasp.html.HtmlPolicyBuilder
 /**
 * Used to convert DiscussionEntries into HTML. Typically this class only takes data and does little calculation.
@@ -213,7 +214,7 @@ class DiscussionEntryHtmlConverter {
 .replace("__AVATAR_URL__", avatarImage)
 .replace("__AVATAR_ALT__", context.getString(R.string.userAvatar))
- .replace("__TITLE__", authorName)
+ .replace("__TITLE__", sanitizePolicy.sanitize(authorName))
 .replace("__DATE__", date)
 .replace("__CONTENT_HTML__", content)
 .replace("__HEADER_ID__", discussionEntry.id.toString())
@@ -295,5 +296,8 @@ class DiscussionEntryHtmlConverter {
 discussionEntry.ratingSum.localized
 )
 }
+
+ // Use a default policy which should disallow all tags, attributes, etc.
+ private val sanitizePolicy = HtmlPolicyBuilder().toFactory()
 }
 }
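Review bot: Only `authorName` is passed through the sanitizer on the changed `__TITLE__` line; the sibling substitutions on the adjacent lines, `avatarImage`, `date` and `content`, still go into the template verbatim. `content` is presumably meant to remain HTML, but `avatarImage` looks like a URL that lands in an attribute, and `sanitizePolicy.sanitize` produces text escaped for element-content position only, so a value placed inside a quoted attribute needs attribute-style escaping and a URL needs scheme validation, neither of which this policy gives. Recording that assumption at the call site would help the next reader, e.g. `// sanitize() strips all markup and entity-encodes the rest; only correct while __TITLE__ is element content in the template`. The enclosing function starts and ends outside the hunk.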
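Review bot: The comment on the new `sanitizePolicy` property, `Use a default policy which should disallow all tags, attributes, etc.`, hedges on what `HtmlPolicyBuilder().toFactory()` does: a builder with no allow calls yields a policy that removes every element and attribute and entity-encodes the text that remains, so the comment can say so directly, e.g. `// Empty policy: removes every element and attribute and entity-encodes the remaining text, giving plain text safe for element content`. The two closing braces after the property suggest it sits in a nested object inside the class rather than on the instance; if that is a companion object the factory is built once, which suits a reusable PolicyFactory, but that cannot be confirmed from the hunk.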