diff --git a/requirements.txt b/requirements.txt
index 36d31e0..fbbf386 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,5 +1,5 @@
 aiohttp~=3.6
-quart~=0.11
+quart~=0.15
 flask-wtf~=0.14
 hsluv~=0.0.2
 flask-babel~=1.0
diff --git a/snikket_web/__init__.py b/snikket_web/__init__.py
index b3c5015..657c690 100644
--- a/snikket_web/__init__.py
+++ b/snikket_web/__init__.py
@@ -17,6 +17,7 @@ from quart import (
     redirect,
     jsonify,
 )
+import werkzeug.exceptions
 
 import environ
 
@@ -40,7 +41,7 @@ async def proc() -> typing.Dict[str, typing.Any]:
 
     try:
         user_info = await infra.client.get_user_info()
-    except (aiohttp.ClientError, quart.exceptions.HTTPException):
+    except (aiohttp.ClientError, werkzeug.exceptions.HTTPException):
         user_info = {}
 
     return {
@@ -105,7 +106,7 @@ async def backend_error_handler(exc: Exception) -> quart.Response:
 
 
 async def generic_http_error(
-        exc: quart.exceptions.HTTPException,
+        exc: werkzeug.exceptions.HTTPException,
         ) -> quart.Response:
     return quart.Response(
         await render_template(
@@ -198,7 +199,7 @@ def create_app() -> quart.Quart:
         backend_error_handler,  # type:ignore
     )
     app.register_error_handler(
-        quart.exceptions.HTTPException,
+        werkzeug.exceptions.HTTPException,
         generic_http_error,  # type:ignore
     )
     app.register_error_handler(
diff --git a/snikket_web/main.py b/snikket_web/main.py
index 09746a1..ee233b8 100644
--- a/snikket_web/main.py
+++ b/snikket_web/main.py
@@ -17,6 +17,7 @@ from quart import (
     Response,
     flash,
 )
+import werkzeug.exceptions
 
 import babel
 import wtforms
@@ -76,7 +77,7 @@ async def login() -> typing.Union[str, quart.Response]:
             password = form.password.data
             try:
                 await client.login(jid, password)
-            except quart.exceptions.Unauthorized:
+            except werkzeug.exceptions.Unauthorized:
                 form.password.errors.append(ERR_CREDENTIALS_INVALID)
             else:
                 await flash(
@@ -102,7 +103,7 @@ async def about() -> str:
         extra_versions["flask-wtf"] = flask_wtf.__version__
         try:
             extra_versions["Prosody"] = await client.get_server_version()
-        except quart.exceptions.Unauthorized:
+        except werkzeug.exceptions.Unauthorized:
             extra_versions["Prosody"] = "unknown"
 
     return await render_template(
diff --git a/snikket_web/prosodyclient.py b/snikket_web/prosodyclient.py
index 68a41a4..dad3e59 100644
--- a/snikket_web/prosodyclient.py
+++ b/snikket_web/prosodyclient.py
@@ -19,7 +19,8 @@ from quart import (
     current_app, _app_ctx_stack, session as http_session, abort, redirect,
     url_for,
 )
-import quart.exceptions
+import werkzeug.exceptions
+import quart
 
 from . import xmpputil
 from .xmpputil import split_jid
@@ -489,7 +490,7 @@ class ProsodyClient:
                 session=session,
             )
             avatar_hash = avatar_info["sha1"]
-        except quart.exceptions.HTTPException:
+        except werkzeug.exceptions.HTTPException:
             avatar_hash = None
 
         return {
@@ -641,7 +642,7 @@ class ProsodyClient:
                     new_access_model,
                 )
             ))
-        except quart.exceptions.NotFound:
+        except werkzeug.exceptions.NotFound:
             if ignore_not_found:
                 return
             raise
@@ -771,7 +772,7 @@ class ProsodyClient:
             session: aiohttp.ClientSession,
             ) -> str:
         access_models = filter(
-            lambda x: not isinstance(x, quart.exceptions.NotFound),
+            lambda x: not isinstance(x, werkzeug.exceptions.NotFound),
             await asyncio.gather(
                 self.get_avatar_access_model(session=session),
                 self.get_nickname_access_model(session=session),
diff --git a/snikket_web/user.py b/snikket_web/user.py
index a51ec37..279e6e8 100644
--- a/snikket_web/user.py
+++ b/snikket_web/user.py
@@ -1,6 +1,7 @@
 import asyncio
 import typing
 
+import quart
 import quart.flask_patch
 from quart import (
     Blueprint,
@@ -11,7 +12,7 @@ from quart import (
     flash,
     current_app,
 )
-import quart.exceptions
+import werkzeug.exceptions
 
 import wtforms
 
@@ -92,8 +93,8 @@ async def change_pw() -> typing.Union[str, quart.Response]:
                 form.current_password.data,
                 form.new_password.data,
             )
-        except (quart.exceptions.Unauthorized,
-                quart.exceptions.Forbidden):
+        except (werkzeug.exceptions.Unauthorized,
+                werkzeug.exceptions.Forbidden):
             # server refused current password, set an appropriate error
             form.current_password.errors.append(
                 _("Incorrect password."),
diff --git a/snikket_web/xmpputil.py b/snikket_web/xmpputil.py
index 52a78c7..33e13b9 100644
--- a/snikket_web/xmpputil.py
+++ b/snikket_web/xmpputil.py
@@ -4,7 +4,7 @@ import typing
 import xml.etree.ElementTree as ET
 
 from quart import abort
-import quart.exceptions
+import werkzeug.exceptions
 
 
 TAG_XMPP_ERROR = "error"
@@ -234,7 +234,7 @@ def extract_pubsub_item_get_reply(
         ) -> typing.Optional[ET.Element]:
     try:
         pubsub = extract_iq_reply(iq_tree, TAG_PUBSUB)
-    except quart.exceptions.NotFound:
+    except werkzeug.exceptions.NotFound:
         return None
 
     if pubsub is None: