diff --git a/app/core/settings.py b/app/core/settings.py
index b6a96a7..ba39306 100644
--- a/app/core/settings.py
+++ b/app/core/settings.py
@@ -108,7 +108,7 @@ CSP_SCRIPT_SRC = (
     "https://code.jquery.com",
 )
 CSP_INCLUDE_NONCE_IN = ["script-src"]
-CSP_IMG_SRC = ("'self'",)
+CSP_IMG_SRC = ("'self'", "data:")
 CSP_FONT_SRC = (
     "'self'",
     "https://fonts.gstatic.com",