diff --git a/server/lib/render-connection.js b/server/lib/render-connection.js
index d91ccb512..9dd926e05 100644
--- a/server/lib/render-connection.js
+++ b/server/lib/render-connection.js
@@ -1,4 +1,9 @@
-const _ = require('lodash');
+const mustache = require('mustache');
+
+// Disable HTML escaping. We're not using it for HTML
+mustache.escape = function (text) {
+  return text;
+};
 
 /**
  * Iterates over connection object, replacing any template strings with values from user
@@ -19,9 +24,7 @@ function renderConnection(connection, user) {
     } else {
       const value = connection[key];
       if (typeof value === 'string') {
-        _.templateSettings.interpolate = /{{([\s\S]+?)}}/g;
-        const compiled = _.template(value);
-        replaced[key] = compiled({ user });
+        replaced[key] = mustache.render(value, { user });
       } else {
         replaced[key] = value;
       }
diff --git a/server/package-lock.json b/server/package-lock.json
index b8239313e..b2bf813a4 100644
--- a/server/package-lock.json
+++ b/server/package-lock.json
@@ -4097,6 +4097,11 @@
         "tedious": "^14.0.0"
       }
     },
+    "mustache": {
+      "version": "4.2.0",
+      "resolved": "https://registry.npmjs.org/mustache/-/mustache-4.2.0.tgz",
+      "integrity": "sha512-71ippSywq5Yb7/tVYyGbkBggbU8H3u5Rz56fH60jGFgr8uHwxs+aSKeqmluIVzM0m0kB7xQjKS6qPfd0b2ZoqQ=="
+    },
     "mysql": {
       "version": "2.18.1",
       "resolved": "https://registry.npmjs.org/mysql/-/mysql-2.18.1.tgz",
diff --git a/server/package.json b/server/package.json
index 57786198c..8b0b74a06 100644
--- a/server/package.json
+++ b/server/package.json
@@ -69,6 +69,7 @@
     "mkdirp": "^1.0.4",
     "moment": "^2.29.1",
     "mssql": "^8.0.2",
+    "mustache": "^4.2.0",
     "mysql": "^2.18.1",
     "mysql2": "^2.3.3",
     "node-crate": "^2.0.6",