diff --git a/src/auth/ha-auth-flow.ts b/src/auth/ha-auth-flow.ts
index 902c2a8e07..4799fbc155 100644
--- a/src/auth/ha-auth-flow.ts
+++ b/src/auth/ha-auth-flow.ts
@@ -96,6 +96,7 @@ class HaAuthFlow extends litLocalizeLiteMixin(LitElement) {
return html`
${this.localize("ui.panel.page-authorize.abort_intro")}:
+
`
: "";
},
@@ -64,7 +64,7 @@ export const showConfigFlowDialog = (
);
return description
? html`
-
+
`
: "";
},
@@ -102,7 +102,7 @@ export const showConfigFlowDialog = (
${description
? html`
-
+
`
: ""}
`;
@@ -119,7 +119,7 @@ export const showConfigFlowDialog = (
return html`
${description
? html`
-
+
`
: ""}
Created config for ${step.title}.
diff --git a/src/dialogs/config-flow/show-dialog-options-flow.ts b/src/dialogs/config-flow/show-dialog-options-flow.ts
index 740b364fbf..7720e1cea6 100644
--- a/src/dialogs/config-flow/show-dialog-options-flow.ts
+++ b/src/dialogs/config-flow/show-dialog-options-flow.ts
@@ -39,7 +39,7 @@ export const showOptionsFlowDialog = (
return description
? html`
-
+
`
: "";
},
diff --git a/src/panels/profile/ha-mfa-module-setup-flow.js b/src/panels/profile/ha-mfa-module-setup-flow.js
index 8139c87e3f..df25be0133 100644
--- a/src/panels/profile/ha-mfa-module-setup-flow.js
+++ b/src/panels/profile/ha-mfa-module-setup-flow.js
@@ -73,6 +73,7 @@ class HaMfaModuleSetupFlow extends LocalizeMixin(EventsMixin(PolymerElement)) {
@@ -90,6 +91,7 @@ class HaMfaModuleSetupFlow extends LocalizeMixin(EventsMixin(PolymerElement)) {
if="[[_computeStepDescription(localize, _step)]]"
>
diff --git a/src/resources/markdown_worker.ts b/src/resources/markdown_worker.ts
index 9c45e697f7..ec06680ce0 100644
--- a/src/resources/markdown_worker.ts
+++ b/src/resources/markdown_worker.ts
@@ -2,9 +2,21 @@ import marked from "marked";
// @ts-ignore
import filterXSS from "xss";
-export const renderMarkdown = (content: string, markedOptions: object) =>
+const allowedSvgTags = ["svg", "path"];
+
+const allowedTag = (tag: string) => tag === "ha-icon";
+
+export const renderMarkdown = (
+ content: string,
+ markedOptions: object,
+ hassOptions: {
+ // Do not allow SVG on untrusted content, it allows XSS.
+ allowSvg?: boolean;
+ } = {}
+) =>
filterXSS(marked(content, markedOptions), {
- onIgnoreTag(tag, html) {
- return ["svg", "path", "ha-icon"].indexOf(tag) !== -1 ? html : null;
- },
+ onIgnoreTag: hassOptions.allowSvg
+ ? (tag, html) =>
+ allowedTag(tag) || allowedSvgTags.includes(tag) ? html : null
+ : (tag, html) => (allowedTag(tag) ? html : null),
});
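Review bot: Both `onIgnoreTag` callbacks at the end of the hunk return the tag's original `html` string untouched, so the check covers only the tag name — whatever attributes appear on an `<ha-icon>` (and on `<svg>`/`<path>` when `allowSvg` is set) are copied into the output without passing through the library's attribute whitelist. For `ha-icon` the element presumably only needs its `icon` attribute, so the safer shape is to return a rebuilt tag that carries just that attribute (or a fixed set of known-safe ones) instead of echoing `html`, and to apply the same idea to the SVG branch rather than trusting raw markup once the flag is on. Separately, the `// Do not allow SVG on untrusted content, it allows XSS.` note lives inside the parameter type; it is worth repeating as a TSDoc `@param hassOptions.allowSvg` line on `renderMarkdown` so callers see it at the call site rather than only in the definition.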