diff --git a/core/modules/views/src/Plugin/views/style/StylePluginBase.php b/core/modules/views/src/Plugin/views/style/StylePluginBase.php
index 8fa4617..1687042 100644
--- a/core/modules/views/src/Plugin/views/style/StylePluginBase.php
+++ b/core/modules/views/src/Plugin/views/style/StylePluginBase.php
@@ -9,6 +9,7 @@
 
 use Drupal\Component\Utility\Html;
 use Drupal\Component\Utility\SafeMarkup;
+use Drupal\Component\Utility\Xss;
 use Drupal\Core\Form\FormStateInterface;
 use Drupal\Core\Render\Element;
 use Drupal\views\Plugin\views\display\DisplayPluginBase;
@@ -239,6 +240,11 @@ public function tokenizeValue($value, $row_index) {
 
       $value = $this->viewsTokenReplace($value, $tokens);
     }
+    else {
+      // ::viewsTokenReplace() will run Xss::filterAdmin() on the resulting
+      // string. We do the same here for consistency.
+      $value = Xss::filterAdmin($value);
+    }
     return $value;
   }