diff --git a/hushline/settings/__init__.py b/hushline/settings/__init__.py
index 7a553c1f..41c29693 100644
--- a/hushline/settings/__init__.py
+++ b/hushline/settings/__init__.py
@@ -5,6 +5,7 @@
 from typing import Optional
 
 import aiohttp
+import bleach
 import pyotp
 import qrcode
 import requests
@@ -811,15 +812,18 @@ async def alias(username_id: int) -> Response | str:
             profile_form=profile_form,
         )
 
+
     @bp.route("/update-directory-intro", methods=["POST"])
     @admin_authentication_required
     def update_directory_intro_text() -> Response:
         form = UpdateDirectoryIntroTextForm()
-        intro_text = form.directory_intro_text.data
-
-        if intro_text.strip() == "":
-            flash("❌ Failed to update introduction text. Please check your input.", "error")
-        elif form.validate_on_submit():
+        if form.validate_on_submit():
+            intro_text = bleach.clean(
+                form.directory_intro_text.data,
+                tags=["b", "i", "u", "em", "strong", "a"],
+                attributes={"a": ["href", "title"]},
+                strip=True
+            )
             OrganizationSetting.upsert(key=OrganizationSetting.DIRECTORY_INTRO, value=intro_text)
             db.session.commit()
             flash("✅ Directory introduction text updated successfully.", "success")
diff --git a/hushline/templates/directory.html b/hushline/templates/directory.html
index f3dc5c3c..667f4c03 100644
--- a/hushline/templates/directory.html
+++ b/hushline/templates/directory.html
@@ -2,7 +2,7 @@
 content %}
 <h2>User Directory</h2>
 {% if intro_text %}
-  <p class="helper section-intro">{{ intro_text }}</p>
+  <p class="helper section-intro">{{ intro_text | safe }}</p>
 {% endif %}
 <div class="directory-tabs">
   <ul class="tab-list" role="tablist">