diff --git a/CHANGES.md b/CHANGES.md
index 0e288d8d..18dcc476 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -3,6 +3,8 @@
 - Hotfix for wrong font urls
 - Bump Summernote to 0.8.13
 - Drop support for Python<3.8 and Django<3.2
+ - Replaced (deprecated) bleach sanitation usage with nh3. Note that the
+ styles content sanitation is no longer doable.
 0.8.19.0
 --------
diff --git a/README.md b/README.md
index 0fafed29..e26b50d9 100644
--- a/README.md
+++ b/README.md
@@ -119,7 +119,11 @@ Last, please don't forget to use `safe` templatetag while displaying in template
 {{ foobar|safe }}
-__Warning__: Please mind, that the widget does not provide any escaping. If you expose the widget to external users without taking care of this, it could potentially lead to an injection vulnerability. Therefore you can use the SummernoteTextFormField or SummernoteTextField, which escape all harmful tags through mozilla's package bleach:
+__Warning__: Please mind, that the widget does not provide any escaping. If
+you expose the widget to external users without taking care of this, it could
+potentially lead to an injection vulnerability. Therefore you can use the
+SummernoteTextFormField or SummernoteTextField, which escape all harmful tags
+through nh3 package:
 In `forms`,
 ```python
diff --git a/django_summernote/fields.py b/django_summernote/fields.py
index 49be6bd0..eb95bdd2 100644
--- a/django_summernote/fields.py
+++ b/django_summernote/fields.py
@@ -1,8 +1,8 @@
 from django.db import models
 from django.forms import fields
-import bleach
-from django_summernote.settings import ALLOWED_TAGS, ATTRIBUTES, STYLES
+import nh3
+from django_summernote.settings import ALLOWED_TAGS, ATTRIBUTES
 from django_summernote.widgets import SummernoteWidget
 # code based on https://github.com/shaunsephton/django-ckeditor
@@ -15,8 +15,9 @@ def __init__(self, *args, **kwargs):
     def to_python(self, value):
         value = super().to_python(value)
-        return bleach.clean(
-            value, tags=ALLOWED_TAGS, attributes=ATTRIBUTES, styles=STYLES)
+        return nh3.clean(
+            value, tags=ALLOWED_TAGS, attributes=ATTRIBUTES
+        )
 class SummernoteTextField(models.TextField):
@@ -26,5 +27,6 @@ def formfield(self, **kwargs):
     def to_python(self, value):
         value = super().to_python(value)
-        return bleach.clean(
-            value, tags=ALLOWED_TAGS, attributes=ATTRIBUTES, styles=STYLES)
+        return nh3.clean(
+            value, tags=ALLOWED_TAGS, attributes=ATTRIBUTES
+        )
diff --git a/django_summernote/settings.py b/django_summernote/settings.py
index 2619c70a..058aa14c 100644
--- a/django_summernote/settings.py
+++ b/django_summernote/settings.py
@@ -1,15 +1,11 @@
-ALLOWED_TAGS = [
+ALLOWED_TAGS = {
     'a', 'div', 'p', 'span', 'img', 'em', 'i', 'li', 'ol', 'ul', 'strong', 'br', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6', 'table', 'tbody', 'thead', 'tr', 'td', 'abbr', 'acronym', 'b', 'blockquote', 'code', 'strike', 'u', 'sup', 'sub',
-]
-
-STYLES = [
-    'background-color', 'font-size', 'line-height', 'color', 'font-family'
-]
+}
 ATTRIBUTES = {
-    '*': ['style', 'align', 'title', ],
-    'a': ['href', ],
+    '*': {'style', 'align', 'title'},
+    'a': {'href'},
 }
diff --git a/django_summernote/test_django_summernote.py b/django_summernote/test_django_summernote.py
index b996be68..d6641244 100644
--- a/django_summernote/test_django_summernote.py
+++ b/django_summernote/test_django_summernote.py
@@ -88,10 +88,10 @@ class SimpleForm(forms.Form):
         assert url in html
         assert 'id="id_foobar"' in html
-        illegal_tags = ''
+        illegal_tags = 'dangerous'
         form_field = SummernoteTextFormField()
         cleaned_text = form_field.clean(illegal_tags)
-        self.assertEqual(cleaned_text, '<script></script>')
+        self.assertEqual(cleaned_text, 'dangerous')
     def test_field(self):
         from django import forms
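Review bot: Dropping `styles=STYLES` leaves the `style` attribute that settings.py still grants on every tag (`'*': {'style', 'align', 'title'}` in the settings.py hunk) passing through `nh3.clean` with its value unchecked, so user-supplied markup can now carry arbitrary inline CSS where bleach previously kept only the five listed properties. Either remove `'style'` from `ATTRIBUTES['*']`, or restore the property allow-list through nh3's `attribute_filter` callback as sketched below (returning `None` from the callback makes nh3 drop the attribute); newer nh3 releases also expose a `filter_style_properties` parameter that does this natively, if the pinned version has it. The same unfiltered call is repeated in the `SummernoteTextField.to_python` hunk below, and both enclosing classes start outside their hunks. The split on `;` is deliberately conservative and drops any declaration whose value itself contains a semicolon.
```python
# … unchanged: imports …

# CSS property names the previous bleach `styles=STYLES` allow-list accepted.
_ALLOWED_STYLE_PROPERTIES = {
    'background-color', 'font-size', 'line-height', 'color', 'font-family',
}


def _filter_attribute(tag, attr, value):
    """nh3 attribute_filter: keep only allow-listed properties in `style`."""
    if attr != 'style':
        return value
    kept = []
    for declaration in value.split(';'):
        prop, _, _ = declaration.partition(':')
        if prop.strip().lower() in _ALLOWED_STYLE_PROPERTIES:
            kept.append(declaration.strip())
    # None tells nh3 to drop the attribute altogether.
    return '; '.join(kept) or None

# … unchanged: SummernoteTextFormField header and __init__ …

    def to_python(self, value):
        value = super().to_python(value)
        return nh3.clean(
            value, tags=ALLOWED_TAGS, attributes=ATTRIBUTES,
            attribute_filter=_filter_attribute,
        )
```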
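Review bot: The new assertion `self.assertEqual(cleaned_text, 'dangerous')` only shows that the inner text of the fixture survives, not that the disallowed markup around it was removed (the tag text is not visible in this rendering of the hunk, so I am inferring the fixture still wraps it in a disallowed element). Pair it with a negative check such as `self.assertNotIn('<', cleaned_text)`, and add a case that feeds a `style` attribute carrying a property outside the old STYLES list and asserts it is stripped, so the loss of CSS filtering recorded in CHANGES.md is exercised by CI instead of staying silent. The model-field test in the following hunk has the same shape and wants the same additions.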
@@ -112,11 +112,11 @@ class Meta:
         assert url in html
         assert 'id="id_foobar"' in html
-        illegal_tags = ''
+        illegal_tags = 'dangerous'
         model_field = SummernoteTextField()
         model_instance = SimpleModel1()
         cleaned_text = model_field.clean(illegal_tags, model_instance)
-        self.assertEqual(cleaned_text, '<script></script>')
+        self.assertEqual(cleaned_text, 'dangerous')
     def test_empty(self):
         from django import forms
diff --git a/django_summernote/test_settings.py b/django_summernote/test_settings.py
index db585e60..e9fd1dc2 100644
--- a/django_summernote/test_settings.py
+++ b/django_summernote/test_settings.py
@@ -18,6 +18,8 @@ MEDIA_URL = '/media/'
 MEDIA_ROOT = 'test_media'
+USE_TZ = True
+
 SECRET_KEY = 'django_summernote'
 ROOT_URLCONF = 'django_summernote.urls'
diff --git a/requirements.txt b/requirements.txt
index cd9f07b2..2986fac8 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,2 +1,2 @@
 django
-bleach
+nh3
diff --git a/setup.py b/setup.py
index 7c4fd7ef..099e71aa 100644
--- a/setup.py
+++ b/setup.py
@@ -38,7 +38,7 @@
     description='Summernote plugin for Django',
     classifiers=CLASSIFIERS,
-    install_requires=['django', 'bleach'],
+    install_requires=['django', 'nh3'],
     extras_require={
         'dev': [
             'django-dummy-plug',