diff --git a/.gitignore b/.gitignore
index e89b995a70b..3ec40ed6de5 100644
--- a/.gitignore
+++ b/.gitignore
@@ -6,6 +6,7 @@ temp
 /plugins/paymethod/paypal/vendor/
 .project
 .project/
+.vscode
 .buildpath
 .settings/
 .htaccess
diff --git a/package-lock.json b/package-lock.json
index 790ee35b2bf..111e8667a29 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -12,6 +12,7 @@
         "chart.js": "^2.9.4",
         "clone-deep": "^4.0.1",
         "debounce": "^1.2.0",
+        "dompurify": "^3.0.8",
         "element-resize-event": "^3.0.3",
         "moment": "^2.29.2",
         "tinymce": "^5.10.0",
@@ -5418,6 +5419,11 @@
         "url": "https://github.com/fb55/domhandler?sponsor=1"
       }
     },
+    "node_modules/dompurify": {
+      "version": "3.0.8",
+      "resolved": "https://registry.npmjs.org/dompurify/-/dompurify-3.0.8.tgz",
+      "integrity": "sha512-b7uwreMYL2eZhrSCRC4ahLTeZcPZxSmYfmcQGXGkXiZSNW1X85v+SDM5KsWcpivIiUBH47Ji7NtyUdpLeF5JZQ=="
+    },
     "node_modules/domutils": {
       "version": "2.8.0",
       "resolved": "https://registry.npmjs.org/domutils/-/domutils-2.8.0.tgz",
@@ -17406,6 +17412,11 @@
         "domelementtype": "^2.2.0"
       }
     },
+    "dompurify": {
+      "version": "3.0.8",
+      "resolved": "https://registry.npmjs.org/dompurify/-/dompurify-3.0.8.tgz",
+      "integrity": "sha512-b7uwreMYL2eZhrSCRC4ahLTeZcPZxSmYfmcQGXGkXiZSNW1X85v+SDM5KsWcpivIiUBH47Ji7NtyUdpLeF5JZQ=="
+    },
     "domutils": {
       "version": "2.8.0",
       "resolved": "https://registry.npmjs.org/domutils/-/domutils-2.8.0.tgz",
diff --git a/package.json b/package.json
index 39be30ccbeb..93c953f60f5 100644
--- a/package.json
+++ b/package.json
@@ -15,6 +15,7 @@
     "chart.js": "^2.9.4",
     "clone-deep": "^4.0.1",
     "debounce": "^1.2.0",
+    "dompurify": "^3.0.8",
     "element-resize-event": "^3.0.3",
     "moment": "^2.29.2",
     "tinymce": "^5.10.0",
diff --git a/plugins/importexport/native/templates/index.tpl b/plugins/importexport/native/templates/index.tpl
index 65a6b1e55fc..bb08c288b92 100644
--- a/plugins/importexport/native/templates/index.tpl
+++ b/plugins/importexport/native/templates/index.tpl
@@ -87,7 +87,7 @@
 								/>
 								<span
                                     class="listPanel__itemSubTitle"
-                                    v-html="localize(
+                                    v-strip-unsave-html="localize(
                                         item.publications.find(p => p.id == item.currentPublicationId).fullTitle,
                                         item.publications.find(p => p.id == item.currentPublicationId).locale
                                     )"
diff --git a/plugins/importexport/onix30/templates/index.tpl b/plugins/importexport/onix30/templates/index.tpl
index 6d711a07ae0..08d30766817 100644
--- a/plugins/importexport/onix30/templates/index.tpl
+++ b/plugins/importexport/onix30/templates/index.tpl
@@ -59,7 +59,7 @@
 											/>
 											<span 
                                                 class="listPanel__itemSubTitle"
-                                                v-html="localize(
+                                                v-strip-unsave-html="localize(
                                                             item.publications.find(p => p.id == item.currentPublicationId).fullTitle,
                                                             item.publications.find(p => p.id == item.currentPublicationId).locale
                                                         )"
diff --git a/plugins/pubIds/urn/js/FieldTextUrn.js b/plugins/pubIds/urn/js/FieldTextUrn.js
index f7625f4cfdb..8f73e3275bd 100644
--- a/plugins/pubIds/urn/js/FieldTextUrn.js
+++ b/plugins/pubIds/urn/js/FieldTextUrn.js
@@ -22,7 +22,7 @@ var template = pkp.Vue.compile('<div class="pkpFormField pkpFormField--text pkpF
 '			<div' +
 '				v-if="isPrimaryLocale && description"' +
 '				class="pkpFormField__description"' +
-'				v-html="description"' +
+'				v-strip-unsave-html="description"' +
 '				:id="describedByDescriptionId"' +
 '			/>' +
 '			<div class="pkpFormField__control" :class="controlClasses">' +