diff --git a/Gemfile b/Gemfile
index 2f7b64c..52cce99 100644
--- a/Gemfile
+++ b/Gemfile
@@ -77,4 +77,4 @@ gem 'hydra-role-management'
 gem "recaptcha"
 
 # Use loofah for HTML sanitization (XSS prevention)
-gem 'loofah', '~> 2.0', '>= 2.0.3'
+gem 'loofah', '~> 2.3'
diff --git a/Gemfile.lock b/Gemfile.lock
index 471a758..e7d22fd 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -153,7 +153,7 @@ GEM
     coffee-script-source (1.12.2)
     concurrent-ruby (1.1.3)
     connection_pool (2.2.2)
-    crass (1.0.4)
+    crass (1.0.5)
     daemons (1.2.6)
     declarative (0.0.10)
     declarative-option (0.1.0)
@@ -441,7 +441,7 @@ GEM
     logging (2.2.2)
       little-plugger (~> 1.1)
       multi_json (~> 1.10)
-    loofah (2.2.3)
+    loofah (2.3.1)
       crass (~> 1.0.2)
       nokogiri (>= 1.5.9)
     mail (2.7.0)
@@ -456,7 +456,7 @@ GEM
     mime-types-data (3.2016.0521)
     mini_magick (4.8.0)
     mini_mime (1.0.0)
-    mini_portile2 (2.3.0)
+    mini_portile2 (2.4.0)
     minitest (5.11.3)
     multi_json (1.13.1)
     multi_xml (0.6.0)
@@ -470,8 +470,8 @@ GEM
     noid-rails (3.0.0)
       actionpack (>= 5.0.0, < 6)
       noid (~> 0.9)
-    nokogiri (1.8.5)
-      mini_portile2 (~> 2.3.0)
+    nokogiri (1.10.5)
+      mini_portile2 (~> 2.4.0)
     oauth (0.5.4)
     oauth2 (1.4.0)
       faraday (>= 0.8, < 0.13)
@@ -767,7 +767,7 @@ DEPENDENCIES
   jbuilder (~> 2.5)
   jquery-rails
   listen (>= 3.0.5, < 3.2)
-  loofah (~> 2.0, >= 2.0.3)
+  loofah (~> 2.3)
   pg
   puma (~> 3.7)
   rails (~> 5.1.6)