diff --git a/.changeset/small-waves-press.md b/.changeset/small-waves-press.md
new file mode 100644
index 0000000000000..48d4fdf9f54bc
--- /dev/null
+++ b/.changeset/small-waves-press.md
@@ -0,0 +1,5 @@
+---
+'@rocket.chat/meteor': minor
+---
+
+Adds "DOMPurify" and "he" to sanitize ECDH and Livechat errors
diff --git a/apps/meteor/ee/server/services/ecdh-proxy/lib/server.ts b/apps/meteor/ee/server/services/ecdh-proxy/lib/server.ts
index 0228d5e3b93ec..ccf159f48ff45 100644
--- a/apps/meteor/ee/server/services/ecdh-proxy/lib/server.ts
+++ b/apps/meteor/ee/server/services/ecdh-proxy/lib/server.ts
@@ -7,6 +7,7 @@ import cookie from 'cookie';
 import cookieParser from 'cookie-parser';
 import type { Request, Response } from 'express';
 import express from 'express';
+import he from 'he';
 import mem from 'mem';
 import WebSocket from 'ws';
 
@@ -106,7 +107,7 @@ app.post('/api/ecdh_proxy/initEncryptedSession', async (req, res) => {
 publicKeyString: session.publicKeyString,
 });
 } catch (e) {
- res.status(400).send(e instanceof Error ? e.message : String(e));
+ res.status(400).send(e instanceof Error ? he.escape(e.message) : he.escape(String(e)));
 }
 });
 
@@ -126,7 +127,8 @@ app.post('/api/ecdh_proxy/echo', async (req, res) => {
 res.send(await session.encrypt(result));
 } catch (e) {
 console.error(e);
- res.status(400).send(e instanceof Error ? e.message : String(e));
+ const errorMessage = e instanceof Error ? e.message : String(e);
+ res.status(400).send(he.encode(errorMessage));
 }
 });
 
diff --git a/packages/livechat/package.json b/packages/livechat/package.json
index 33ee66d2ea0c2..5cc11a66c7d5d 100644
--- a/packages/livechat/package.json
+++ b/packages/livechat/package.json
@@ -104,6 +104,7 @@
 "@rocket.chat/ui-kit": "workspace:~",
 "css-vars-ponyfill": "^2.4.9",
 "date-fns": "^2.30.0",
+ "dompurify": "^3.2.3",
 "emoji-mart": "^3.0.1",
 "history": "~5.3.0",
 "i18next": "~23.4.9",
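Review bot: The two error handlers now escape the same kind of value with different helpers, `he.escape` in the initEncryptedSession catch and `he.encode` in the echo catch below it; pick one so the response encoding is uniform, e.g. `res.status(400).send(he.escape(e instanceof Error ? e.message : String(e)));` in both places, which also drops the duplicated call on each ternary branch. Escaping matters here because Express's `res.send` with a string defaults to `Content-Type: text/html`; calling `res.type('text/plain')` before sending would make the body inert regardless of its content and is worth adding alongside the escaping. Both handlers still reflect the raw exception text to the client, which can expose internal details from library error strings; logging server-side as the echo handler already does and returning a generic message would be the safer contract. Both handler bodies begin outside their hunks.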
diff --git a/packages/livechat/src/components/Composer/index.tsx b/packages/livechat/src/components/Composer/index.tsx
index 1f1ce3b7369d9..aa00055688ea8 100644
--- a/packages/livechat/src/components/Composer/index.tsx
+++ b/packages/livechat/src/components/Composer/index.tsx
@@ -4,8 +4,8 @@ import type { CSSProperties } from 'preact/compat';
 
 import { createClassName } from '../../helpers/createClassName';
 import { parse } from '../../helpers/parse';
+import DOMPurify from 'dompurify';
 import styles from './styles.scss';
-
 const findLastTextNode = (node: Node): Node | null => {
 if (node.nodeType === Node.TEXT_NODE) {
 return node;
@@ -214,7 +214,7 @@ export class Composer extends Component {
 const caretPosition = this.getCaretPosition(this.el);
 const oldText = this.el?.innerText ?? '';
 const newText = `${oldText.slice(0, caretPosition)}${emoji} ${oldText.slice(caretPosition)}`;
- this.el.innerHTML = newText;
+ this.el.innerHTML = DOMPurify.sanitize(newText);
 this.moveCursorToEndAndFocus(caretPosition + emoji.length + 1);
 onChange?.(this.el.innerText);
 }
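Review bot: `import DOMPurify from 'dompurify';` lands between the relative helper imports and `./styles.scss`, while the other third-party import (`preact/compat`) sits in the group above; placing it next to `import type { CSSProperties } from 'preact/compat';` keeps externals grouped before relatives, as the rest of this block does. The hunk also removes the blank line that separated the import block from `const findLastTextNode`, which looks accidental rather than intended; restoring it keeps the file's import/code separation.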
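Review bot: `this.el.innerHTML = DOMPurify.sanitize(newText);` still writes a string that was read from `innerText` on the line above back through `innerHTML`, so user-typed text is parsed as markup: anything that looks like a tag is rendered or stripped rather than kept as literal characters, and the caret offset computed from `emoji.length` on the next line can drift from what the sanitizer left behind. If the composer element holds plain text, `this.el.innerText = newText;` avoids the HTML parse entirely and needs no sanitizer; if it must hold markup, keep the sanitizer and say so in a comment, e.g. `// innerHTML on purpose: composer content is HTML; DOMPurify strips active content`. The enclosing method starts outside the hunk, so whether other paths populate `this.el` with HTML cannot be told from here.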