diff --git a/lib/utils.js b/lib/utils.js
index 3482af9..ef041d6 100644
--- a/lib/utils.js
+++ b/lib/utils.js
@@ -96,7 +96,14 @@ function formatShortDate (d) {
 const csrfProtection = csrf({ cookie: true })
 async function renderMarkdown (src, opt) {
-  const content = await marked.parse(src, { async: true, ...opt })
+  const unescapedSrc = src
+    .replace(/</g, '<')
+    .replace(/>/g, '>')
+    .replace(/"/g, '"')
+    .replace(/'/g, "'")
+    .replace(/&/g, '&')
+
+  const content = await marked.parse(unescapedSrc, { async: true, ...opt })
   return DOMPurify.sanitize(content)
 }
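Review bot: As shown, every pattern in the new replace chain swaps a character for itself (`.replace(/</g, '<')`, `.replace(/&/g, '&')`), which makes the whole chain a no-op; presumably the entity names (`&lt;`, `&gt;`, `&quot;`, `&#39;`, `&amp;`) were decoded when the diff was rendered, so the committed file should be checked to confirm the real patterns target HTML entities. If the intent is to turn previously escaped input back into raw markup before marked.parse, that moves the whole XSS boundary onto the `DOMPurify.sanitize(content)` call, because marked will pass the restored tags through as HTML; a comment making that explicit, e.g. `// decode HTML entities so markdown sees raw markup; DOMPurify.sanitize below is the only XSS guard`, would keep the next maintainer from removing or reordering the sanitize step. Decoding `&amp;` last is the right order, since doing it first would let double-encoded input such as `&amp;lt;` collapse to a real `<`; stating that in a short comment on that line would prevent a well-meaning reorder. The hunk's trailing context appears truncated, so the end of renderMarkdown may lie outside what is visible.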