diff --git a/src/Mailer.php b/src/Mailer.php
index a26c878..fc9185c 100644
--- a/src/Mailer.php
+++ b/src/Mailer.php
@@ -11,6 +11,7 @@
 use craft\mail\Message;
 use yii\base\Component;
 use yii\base\InvalidConfigException;
+use yii\helpers\Html;
 use yii\helpers\Markdown;
 
 class Mailer extends Component
@@ -207,7 +208,8 @@ public function compileTextBody(Submission $submission): string
      */
     public function compileHtmlBody(string $textBody): string
     {
-        $html = Markdown::process($textBody);
+        $html = Html::encode($textBody);
+        $html = Markdown::process($html);
 
         return $html;
     }