diff --git a/app/helpers/application_helper.rb b/app/helpers/application_helper.rb
index 7714899a9d..9503392804 100644
--- a/app/helpers/application_helper.rb
+++ b/app/helpers/application_helper.rb
@@ -134,7 +134,7 @@ def markdown_unsafe(source)
   def sanitize(html)
     @tags ||= Rails::Html::SafeListSanitizer.allowed_tags.to_a +
-      %w[table thead tbody tr td th colgroup col style summary details] +
+      %w[table thead tbody tr td th colgroup col style summary details img] +
       %w[svg g style circle line rect path polygon polyline text defs]
     @attributes ||= Rails::Html::SafeListSanitizer.allowed_attributes.to_a +
       %w[style target data-bs-toggle data-parent data-tab data-line data-element id] +
diff --git a/test/helpers/application_helper_test.rb b/test/helpers/application_helper_test.rb
index d5a6547c6b..f86708abac 100644
--- a/test/helpers/application_helper_test.rb
+++ b/test/helpers/application_helper_test.rb
@@ -71,12 +71,17 @@ class ApplicationHelperTest < ActiveSupport::TestCase
     dirty_html = <<~HTML + + + +
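Review bot: Adding `img` to `@tags` opens the `src`, `width` and `height` attributes from the sanitizer's default `allowed_attributes` list (which `@attributes` builds on), so sanitized markdown can now embed an image fetched from any external host, which leaks the viewer's IP address and user agent to that host and can produce mixed content on HTTPS pages. As far as I can tell the sanitizer still rejects `javascript:` and other disallowed schemes in `src`, but it does not restrict the host; if remote images are not intended, drop or rewrite non-same-origin `src` values in a post-sanitize pass (or route them through an image proxy) and back it with a `Content-Security-Policy` `img-src` directive. Either way, record the decision next to the list, e.g. `# img: src/width/height come from the default attribute list; any http(s) host is accepted, rely on CSP img-src`. The test hunk in application_helper_test.rb continues past this excerpt, so I cannot see whether it asserts that a non-http `src` on `img` is stripped; that assertion would pin the scheme check this change now depends on. `sanitize` continues outside the hunk.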

Hello HTML clean_html = sanitize dirty_html assert_no_match(/