diff --git a/frontend/__snapshots__/scenes-app-surveys--new-survey.png b/frontend/__snapshots__/scenes-app-surveys--new-survey.png
index 5671de85e8c52..9033d58fe25e7 100644
Binary files a/frontend/__snapshots__/scenes-app-surveys--new-survey.png and b/frontend/__snapshots__/scenes-app-surveys--new-survey.png differ
diff --git a/frontend/src/scenes/surveys/Survey.tsx b/frontend/src/scenes/surveys/Survey.tsx
index 100177211fb7b..10a67d4e96aea 100644
--- a/frontend/src/scenes/surveys/Survey.tsx
+++ b/frontend/src/scenes/surveys/Survey.tsx
@@ -5,12 +5,14 @@ import { Form, Group } from 'kea-forms'
 import { PageHeader } from 'lib/components/PageHeader'
 import { LemonSkeleton } from 'lib/lemon-ui/LemonSkeleton'
 import {
+    LemonBanner,
     LemonButton,
     LemonCheckbox,
     LemonCollapse,
     LemonDivider,
     LemonInput,
     LemonSelect,
+    LemonTabs,
     LemonTextArea,
     Link,
 } from '@posthog/lemon-ui'
@@ -36,6 +38,7 @@ import { featureFlagLogic } from 'scenes/feature-flags/featureFlagLogic'
 import { defaultSurveyFieldValues, defaultSurveyAppearance, NewSurvey, SurveyUrlMatchTypeLabels } from './constants'
 import { FEATURE_FLAGS } from 'lib/constants'
 import { FeatureFlagReleaseConditions } from 'scenes/feature-flags/FeatureFlagReleaseConditions'
+import { CodeEditor } from 'lib/components/CodeEditors'
 import { NotFound } from 'lib/components/NotFound'
 
 export const scene: SceneExport = {
@@ -68,9 +71,16 @@ export function SurveyComponent({ id }: { id?: string } = {}): JSX.Element {
 }
 
 export function SurveyForm({ id }: { id: string }): JSX.Element {
-    const { survey, surveyLoading, isEditingSurvey, hasTargetingFlag, urlMatchTypeValidationError } =
-        useValues(surveyLogic)
-    const { loadSurvey, editingSurvey, setSurveyValue, setDefaultForQuestionType } = useActions(surveyLogic)
+    const {
+        survey,
+        surveyLoading,
+        isEditingSurvey,
+        hasTargetingFlag,
+        urlMatchTypeValidationError,
+        writingHTMLDescription,
+    } = useValues(surveyLogic)
+    const { loadSurvey, editingSurvey, setSurveyValue, setDefaultForQuestionType, setWritingHTMLDescription } =
+        useActions(surveyLogic)
     const { featureFlags } = useValues(enabledFeaturesLogic)
 
     return (
@@ -153,7 +163,7 @@ export function SurveyForm({ id }: { id: string }): JSX.Element {
                                                 </div>
                                             ),
                                             content: (
-                                                <>
+                                                <div className="space-y-2">
                                                     <Field name="type" label="Question type" className="max-w-60">
                                                         <LemonSelect
                                                             onSelect={(newType) => {
@@ -216,7 +226,72 @@ export function SurveyForm({ id }: { id: string }): JSX.Element {
                                                         </Field>
                                                     )}
                                                     <Field name="description" label="Question description (optional)">
-                                                        <LemonTextArea value={question.description || ''} minRows={2} />
+                                                        {({ value, onChange }) => (
+                                                            <>
+                                                                <LemonTabs
+                                                                    activeKey={writingHTMLDescription ? 'html' : 'text'}
+                                                                    onChange={(key) =>
+                                                                        setWritingHTMLDescription(key === 'html')
+                                                                    }
+                                                                    tabs={[
+                                                                        {
+                                                                            key: 'text',
+                                                                            label: (
+                                                                                <span className="text-sm">Text</span>
+                                                                            ),
+                                                                            content: (
+                                                                                <LemonTextArea
+                                                                                    data-attr="survey-description"
+                                                                                    minRows={2}
+                                                                                    value={value}
+                                                                                    onChange={(v) => onChange(v)}
+                                                                                />
+                                                                            ),
+                                                                        },
+                                                                        {
+                                                                            key: 'html',
+                                                                            label: (
+                                                                                <span className="text-sm">HTML</span>
+                                                                            ),
+                                                                            content: (
+                                                                                <div>
+                                                                                    <CodeEditor
+                                                                                        className="border"
+                                                                                        language="html"
+                                                                                        value={value}
+                                                                                        onChange={(v) =>
+                                                                                            onChange(v ?? '')
+                                                                                        }
+                                                                                        height={150}
+                                                                                        options={{
+                                                                                            minimap: { enabled: false },
+                                                                                            wordWrap: 'on',
+                                                                                            scrollBeyondLastLine: false,
+                                                                                            automaticLayout: true,
+                                                                                            fixedOverflowWidgets: true,
+                                                                                            lineNumbers: 'off',
+                                                                                            glyphMargin: false,
+                                                                                            folding: false,
+                                                                                        }}
+                                                                                    />
+                                                                                </div>
+                                                                            ),
+                                                                        },
+                                                                    ]}
+                                                                />
+                                                                {question.description &&
+                                                                    question.description
+                                                                        ?.toLowerCase()
+                                                                        .includes('<script') && (
+                                                                        <LemonBanner type="warning">
+                                                                            Scripts won't run in the survey popup and
+                                                                            we'll remove these on save. Use the API
+                                                                            question mode to run your own scripts in
+                                                                            surveys.
+                                                                        </LemonBanner>
+                                                                    )}
+                                                            </>
+                                                        )}
                                                     </Field>
                                                     {question.type === SurveyQuestionType.Rating && (
                                                         <div className="flex flex-col gap-2">
@@ -331,7 +406,7 @@ export function SurveyForm({ id }: { id: string }): JSX.Element {
                                                             </Field>
                                                         </div>
                                                     )}
-                                                </>
+                                                </div>
                                             ),
                                         },
                                     ]}
diff --git a/frontend/src/scenes/surveys/SurveyAppearance.tsx b/frontend/src/scenes/surveys/SurveyAppearance.tsx
index b9199f0906eb5..4ab57e95ed773 100644
--- a/frontend/src/scenes/surveys/SurveyAppearance.tsx
+++ b/frontend/src/scenes/surveys/SurveyAppearance.tsx
@@ -24,6 +24,7 @@ import { useValues } from 'kea'
 import { useEffect, useRef, useState } from 'react'
 import { FEATURE_FLAGS } from 'lib/constants'
 import { featureFlagLogic } from 'lib/logic/featureFlagLogic'
+import { sanitize } from 'dompurify'
 
 interface SurveyAppearanceProps {
     type: SurveyQuestionType
@@ -270,7 +271,12 @@ function BaseAppearance({
                 </div>
                 <div className="question-textarea-wrapper">
                     <div className="survey-question">{question}</div>
-                    {description && <div className="description">{description}</div>}
+                    {/* Using dangerouslySetInnerHTML is safe here, because it's taking the user's input and showing it to the same user.
+                    They can try passing in arbitrary scripts, but it would show up only for them, so it's like trying to XSS yourself, where
+                    you already have all the data. Furthermore, sanitization should catch all obvious attempts */}
+                    {description && (
+                        <div className="description" dangerouslySetInnerHTML={{ __html: sanitize(description) }} />
+                    )}
                     {type === SurveyQuestionType.Open && (
                         <textarea
                             style={{
diff --git a/frontend/src/scenes/surveys/surveyLogic.tsx b/frontend/src/scenes/surveys/surveyLogic.tsx
index 7dc20e94e1854..21a016c7eb3a3 100644
--- a/frontend/src/scenes/surveys/surveyLogic.tsx
+++ b/frontend/src/scenes/surveys/surveyLogic.tsx
@@ -34,6 +34,7 @@ import {
     NEW_SURVEY,
     NewSurvey,
 } from './constants'
+import { sanitize } from 'dompurify'
 
 export interface SurveyLogicProps {
     id: string | 'new'
@@ -94,6 +95,7 @@ export const surveyLogic = kea<surveyLogicType>([
         }),
         archiveSurvey: true,
         setCurrentQuestionIndexAndType: (idx: number, type: SurveyQuestionType) => ({ idx, type }),
+        setWritingHTMLDescription: (writingHTML: boolean) => ({ writingHTML }),
     }),
     loaders(({ props, actions, values }) => ({
         survey: {
@@ -110,11 +112,11 @@ export const surveyLogic = kea<surveyLogicType>([
                 }
                 return { ...NEW_SURVEY }
             },
-            createSurvey: async (surveyPayload) => {
-                return await api.surveys.create(surveyPayload)
+            createSurvey: async (surveyPayload: Partial<Survey>) => {
+                return await api.surveys.create(sanitizeQuestions(surveyPayload))
             },
-            updateSurvey: async (surveyPayload) => {
-                return await api.surveys.update(props.id, surveyPayload)
+            updateSurvey: async (surveyPayload: Partial<Survey>) => {
+                return await api.surveys.update(props.id, sanitizeQuestions(surveyPayload))
             },
             launchSurvey: async () => {
                 const startDate = dayjs()
@@ -259,6 +261,12 @@ export const surveyLogic = kea<surveyLogicType>([
                 setCurrentQuestionIndexAndType: (_, { idx, type }) => ({ idx, type }),
             },
         ],
+        writingHTMLDescription: [
+            false,
+            {
+                setWritingHTMLDescription: (_, { writingHTML }) => writingHTML,
+            },
+        ],
     }),
     selectors({
         isSurveyRunning: [
@@ -514,3 +522,19 @@ export const surveyLogic = kea<surveyLogicType>([
         }
     }),
 ])
+
+function sanitizeQuestions(surveyPayload: Partial<Survey>): Partial<Survey> {
+    if (!surveyPayload.questions) {
+        return surveyPayload
+    }
+    return {
+        ...surveyPayload,
+        questions: surveyPayload.questions?.map((rawQuestion) => {
+            return {
+                ...rawQuestion,
+                description: sanitize(rawQuestion.description || ''),
+                question: sanitize(rawQuestion.question || ''),
+            }
+        }),
+    }
+}
diff --git a/package.json b/package.json
index 52570c0d966bd..8b87445c5542c 100644
--- a/package.json
+++ b/package.json
@@ -104,6 +104,7 @@
         "d3": "^7.8.2",
         "d3-sankey": "^0.12.3",
         "dayjs": "^1.10.7",
+        "dompurify": "^3.0.6",
         "esbuild": "^0.14.54",
         "esbuild-plugin-less": "^1.1.7",
         "esbuild-sass-plugin": "^1.8.2",
@@ -201,6 +202,7 @@
         "@types/clone": "^2.1.1",
         "@types/d3": "^7.4.0",
         "@types/d3-sankey": "^0.12.1",
+        "@types/dompurify": "^3.0.3",
         "@types/image-blob-reduce": "^4.1.1",
         "@types/jest": "^29.2.3",
         "@types/jest-image-snapshot": "^6.1.0",
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
index a2a78d43a25c1..df1bf198aa3e0 100644
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@@ -131,6 +131,9 @@ dependencies:
   dayjs:
     specifier: ^1.10.7
     version: 1.11.6
+  dompurify:
+    specifier: ^3.0.6
+    version: 3.0.6
   esbuild:
     specifier: ^0.14.54
     version: 0.14.54
@@ -420,6 +423,9 @@ devDependencies:
   '@types/d3-sankey':
     specifier: ^0.12.1
     version: 0.12.1
+  '@types/dompurify':
+    specifier: ^3.0.3
+    version: 3.0.3
   '@types/image-blob-reduce':
     specifier: ^4.1.1
     version: 4.1.1
@@ -6056,6 +6062,12 @@ packages:
     resolution: {integrity: sha512-w5jZ0ee+HaPOaX25X2/2oGR/7rgAQSYII7X7pp0m9KgBfMP7uKfMfTvcpl5Dj+eDBbpxKGiqE+flqDr6XTd2RA==}
     dev: true
 
+  /@types/dompurify@3.0.3:
+    resolution: {integrity: sha512-odiGr/9/qMqjcBOe5UhcNLOFHSYmKFOyr+bJ/Xu3Qp4k1pNPAlNLUVNNLcLfjQI7+W7ObX58EdD3H+3p3voOvA==}
+    dependencies:
+      '@types/trusted-types': 2.0.4
+    dev: true
+
   /@types/ejs@3.1.2:
     resolution: {integrity: sha512-ZmiaE3wglXVWBM9fyVC17aGPkLo/UgaOjEiI2FXQfyczrCefORPxIe+2dVmnmk3zkVIbizjrlQzmPGhSYGXG5g==}
     dev: true
@@ -6493,6 +6505,10 @@ packages:
     resolution: {integrity: sha512-Q5vtl1W5ue16D+nIaW8JWebSSraJVlK+EthKn7e7UcD4KWsaSJ8BqGPXNaPghgtcn/fhvrN17Tv8ksUsQpiplw==}
     dev: true
 
+  /@types/trusted-types@2.0.4:
+    resolution: {integrity: sha512-IDaobHimLQhjwsQ/NMwRVfa/yL7L/wriQPMhw1ZJall0KX6E1oxk29XMDeilW5qTIg5aoiqf5Udy8U/51aNoQQ==}
+    dev: true
+
   /@types/unist@2.0.6:
     resolution: {integrity: sha512-PBjIUxZHOuj0R15/xuwJYjFi+KZdNFrehocChv4g5hu6aFroHue8m0lBP0POdK2nKzbw0cgV1mws8+V/JAcEkQ==}
 
@@ -9383,6 +9399,10 @@ packages:
       domelementtype: 2.3.0
     dev: false
 
+  /dompurify@3.0.6:
+    resolution: {integrity: sha512-ilkD8YEnnGh1zJ240uJsW7AzE+2qpbOUYjacomn3AvJ6J4JhKGSZ2nh4wUIXPZrEPppaCLx5jFe8T89Rk8tQ7w==}
+    dev: false
+
   /domutils@1.7.0:
     resolution: {integrity: sha512-Lgd2XcJ/NjEw+7tFvfKxOzCYKZsdct5lczQ2ZaQY8Djz7pfAD3Gbp8ySJWtreII/vDlMVmxwa6pHmdxIYgttDg==}
     dependencies:
@@ -13124,7 +13144,7 @@ packages:
     dependencies:
       universalify: 2.0.0
     optionalDependencies:
-      graceful-fs: 4.2.10
+      graceful-fs: 4.2.11
 
   /jsprim@2.0.2:
     resolution: {integrity: sha512-gqXddjPqQ6G40VdnI6T6yObEC+pDNvyP95wdQhkWkg7crHH3km5qP1FsOXEkzEQwnz6gz5qGTn1c2Y52wP3OyQ==}
diff --git a/posthog/api/survey.py b/posthog/api/survey.py
index 485a0bef58c5e..7d672aadf5938 100644
--- a/posthog/api/survey.py
+++ b/posthog/api/survey.py
@@ -26,6 +26,8 @@
 
 from posthog.utils_cors import cors_response
 
+import nh3
+
 SURVEY_TARGETING_FLAG_PREFIX = "survey-targeting-"
 
 
@@ -87,6 +89,36 @@ class Meta:
         ]
         read_only_fields = ["id", "linked_flag", "targeting_flag", "created_at"]
 
+    def validate_questions(self, value):
+        if value is None:
+            return value
+
+        if not isinstance(value, list):
+            raise serializers.ValidationError("Questions must be a list of objects")
+
+        cleaned_questions = []
+        for raw_question in value:
+            if not isinstance(raw_question, dict):
+                raise serializers.ValidationError("Questions must be a list of objects")
+
+            cleaned_question = {
+                **raw_question,
+            }
+            question_text = raw_question.get("question")
+
+            if not question_text:
+                raise serializers.ValidationError("Question text is required")
+
+            description = raw_question.get("description")
+            if nh3.is_html(question_text):
+                cleaned_question["question"] = nh3.clean(question_text)
+            if description and nh3.is_html(description):
+                cleaned_question["description"] = nh3.clean(description)
+
+            cleaned_questions.append(cleaned_question)
+
+        return cleaned_questions
+
     def validate(self, data):
         linked_flag_id = data.get("linked_flag_id")
         if linked_flag_id:
diff --git a/posthog/api/test/test_survey.py b/posthog/api/test/test_survey.py
index 44cd8067d0b7a..60b6303985519 100644
--- a/posthog/api/test/test_survey.py
+++ b/posthog/api/test/test_survey.py
@@ -640,6 +640,163 @@ def test_updating_survey_name_validates(self):
         )
 
 
+class TestSurveyQuestionValidation(APIBaseTest):
+    def test_create_basic_survey_question_validation(self):
+        response = self.client.post(
+            f"/api/projects/{self.team.id}/surveys/",
+            data={
+                "name": "Notebooks beta release survey",
+                "description": "Get feedback on the new notebooks feature",
+                "type": "popover",
+                "questions": [
+                    {"type": "open", "question": "What up?", "description": "<script>alert(0)</script>check?"},
+                    {
+                        "type": "link",
+                        "link": "bazinga.com",
+                        "question": "<b>What</b> do you think of the new notebooks feature?",
+                    },
+                ],
+            },
+            format="json",
+        )
+        response_data = response.json()
+        assert response.status_code == status.HTTP_201_CREATED, response_data
+        assert Survey.objects.filter(id=response_data["id"]).exists()
+        assert response_data["name"] == "Notebooks beta release survey"
+        assert response_data["description"] == "Get feedback on the new notebooks feature"
+        assert response_data["type"] == "popover"
+        assert response_data["questions"] == [
+            {"type": "open", "question": "What up?", "description": "check?"},
+            {
+                "type": "link",
+                "link": "bazinga.com",
+                "question": "<b>What</b> do you think of the new notebooks feature?",
+            },
+        ]
+        assert response_data["created_by"]["id"] == self.user.id
+
+    def test_update_basic_survey_question_validation(self):
+
+        basic_survey = self.client.post(
+            f"/api/projects/{self.team.id}/surveys/",
+            data={
+                "name": "survey without targeting",
+                "type": "popover",
+            },
+            format="json",
+        ).json()
+
+        response = self.client.patch(
+            f"/api/projects/{self.team.id}/surveys/{basic_survey['id']}/",
+            data={
+                "name": "Notebooks beta release survey",
+                "description": "Get feedback on the new notebooks feature",
+                "type": "popover",
+                "questions": [
+                    {"type": "open", "question": "What up?", "description": "<script>alert(0)</script>check?"},
+                    {
+                        "type": "link",
+                        "link": "bazinga.com",
+                        "question": "<b>What</b> do you think of the new notebooks feature?",
+                    },
+                ],
+            },
+            format="json",
+        )
+        response_data = response.json()
+        assert response.status_code == status.HTTP_200_OK, response_data
+        assert Survey.objects.filter(id=response_data["id"]).exists()
+        assert response_data["name"] == "Notebooks beta release survey"
+        assert response_data["description"] == "Get feedback on the new notebooks feature"
+        assert response_data["type"] == "popover"
+        assert response_data["questions"] == [
+            {"type": "open", "question": "What up?", "description": "check?"},
+            {
+                "type": "link",
+                "link": "bazinga.com",
+                "question": "<b>What</b> do you think of the new notebooks feature?",
+            },
+        ]
+        assert response_data["created_by"]["id"] == self.user.id
+
+    def test_cleaning_empty_questions(self):
+        response = self.client.post(
+            f"/api/projects/{self.team.id}/surveys/",
+            data={
+                "name": "Notebooks beta release survey",
+                "description": "Get feedback on the new notebooks feature",
+                "type": "popover",
+                "questions": [],
+            },
+            format="json",
+        )
+        response_data = response.json()
+        assert response.status_code == status.HTTP_201_CREATED, response_data
+        assert Survey.objects.filter(id=response_data["id"]).exists()
+        assert response_data["name"] == "Notebooks beta release survey"
+        assert response_data["questions"] == []
+
+    def test_validate_question_with_missing_text(self):
+        response = self.client.post(
+            f"/api/projects/{self.team.id}/surveys/",
+            data={
+                "name": "Notebooks beta release survey",
+                "description": "Get feedback on the new notebooks feature",
+                "type": "popover",
+                "questions": [{"type": "open"}],
+            },
+            format="json",
+        )
+        response_data = response.json()
+        assert response.status_code == status.HTTP_400_BAD_REQUEST, response_data
+        assert response_data["detail"] == "Question text is required"
+
+    def test_validate_malformed_questions(self):
+        response = self.client.post(
+            f"/api/projects/{self.team.id}/surveys/",
+            data={
+                "name": "Notebooks beta release survey",
+                "description": "Get feedback on the new notebooks feature",
+                "type": "popover",
+                "questions": "",
+            },
+            format="json",
+        )
+        response_data = response.json()
+        assert response.status_code == status.HTTP_400_BAD_REQUEST, response_data
+        assert response_data["detail"] == "Questions must be a list of objects"
+
+    def test_validate_malformed_questions_as_string(self):
+        response = self.client.post(
+            f"/api/projects/{self.team.id}/surveys/",
+            data={
+                "name": "Notebooks beta release survey",
+                "description": "Get feedback on the new notebooks feature",
+                "type": "popover",
+                "questions": "this is my question",
+            },
+            format="json",
+        )
+        response_data = response.json()
+        assert response.status_code == status.HTTP_400_BAD_REQUEST, response_data
+        assert response_data["detail"] == "Questions must be a list of objects"
+
+    def test_validate_malformed_questions_as_array_of_strings(self):
+        response = self.client.post(
+            f"/api/projects/{self.team.id}/surveys/",
+            data={
+                "name": "Notebooks beta release survey",
+                "description": "Get feedback on the new notebooks feature",
+                "type": "popover",
+                "questions": ["this is my question"],
+            },
+            format="json",
+        )
+        response_data = response.json()
+        assert response.status_code == status.HTTP_400_BAD_REQUEST, response_data
+        assert response_data["detail"] == "Questions must be a list of objects"
+
+
 class TestSurveysAPIList(BaseTest, QueryMatchingTest):
     def setUp(self):
         cache.clear()
diff --git a/posthog/models/feature_flag/flag_matching.py b/posthog/models/feature_flag/flag_matching.py
index 2d2f76bb41595..0ee0deb83fb6e 100644
--- a/posthog/models/feature_flag/flag_matching.py
+++ b/posthog/models/feature_flag/flag_matching.py
@@ -496,6 +496,7 @@ def hashed_identifier(self, feature_flag: FeatureFlag) -> Optional[str]:
                     return self.hash_key_overrides[feature_flag.key]
             return self.distinct_id
         else:
+            # TODO: Don't use the cache if self.groups is empty, since that means no groups provided anyway
             # :TRICKY: If aggregating by groups
             group_type_name = self.cache.group_type_index_to_name.get(feature_flag.aggregation_group_type_index)
             group_key = self.groups.get(group_type_name)  # type: ignore
diff --git a/requirements.in b/requirements.in
index 673f7e045a34e..fbad668ecd89f 100644
--- a/requirements.in
+++ b/requirements.in
@@ -86,3 +86,4 @@ more-itertools==9.0.0
 django-two-factor-auth==1.14.0
 phonenumberslite==8.13.6
 openai==0.27.8
+nh3==0.2.14
\ No newline at end of file
diff --git a/requirements.txt b/requirements.txt
index beb9261497bb4..ca2dc7c9389be 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -301,6 +301,8 @@ multidict==6.0.2
     #   yarl
 mypy-boto3-s3==1.26.127
     # via boto3-stubs
+nh3==0.2.14
+    # via -r requirements.in
 numpy==1.23.3
     # via
     #   -r requirements.in