diff --git a/core/modules/node/src/Plugin/Search/NodeSearch.php b/core/modules/node/src/Plugin/Search/NodeSearch.php
index 87a3851..bab5cc9 100644
--- a/core/modules/node/src/Plugin/Search/NodeSearch.php
+++ b/core/modules/node/src/Plugin/Search/NodeSearch.php
@@ -332,11 +332,9 @@ protected function prepareResults(StatementInterface $found) {
 unset($build['#theme']);
 $build['#pre_render'][] = array($this, 'removeSubmittedInfo');
- // Fetch comment count for snippet.
- $rendered = SafeMarkup::set(
- $this->renderer->renderPlain($build) . ' ' .
- SafeMarkup::escape($this->moduleHandler->invoke('comment', 'node_update_index', array($node, $item->langcode)))
- );
+ // Fetch comments for snippet.
+ $rendered = $this->renderer->renderPlain($build);
+ $rendered .= ' ' . $this->moduleHandler->invoke('comment', 'node_update_index', array($node, $item->langcode));
 $extra = $this->moduleHandler->invokeAll('node_search_result', array($node, $item->langcode));
diff --git a/core/modules/search/search.module b/core/modules/search/search.module
index 25d52b5..e7ee180 100644
--- a/core/modules/search/search.module
+++ b/core/modules/search/search.module
@@ -618,7 +618,8 @@ function search_mark_for_reindex($type = NULL, $sid = NULL, $langcode = NULL) {
 /**
 * Returns snippets from a piece of text, with search keywords highlighted.
 *
- * Used for formatting search results.
+ * Used for formatting search results. All HTML tags will be stripped from
+ * $text.
 *
 * @param string $keys
 * A string containing a search query.
diff --git a/core/modules/search/src/Tests/SearchCommentTest.php b/core/modules/search/src/Tests/SearchCommentTest.php
index b9916e2..fc96911 100644
--- a/core/modules/search/src/Tests/SearchCommentTest.php
+++ b/core/modules/search/src/Tests/SearchCommentTest.php
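Review bot: The new `$rendered .= ' ' . $this->moduleHandler->invoke('comment', 'node_update_index', ...)` line drops the `SafeMarkup::escape()` that the removed code applied to the comment module's output, so `$rendered` is now a plain string carrying unescaped, user-supplied comment text (the test hunk in this commit posts a comment whose subject is a script tag). The search.module hunk documents that search_excerpt() strips all HTML tags from its input, which is presumably what keeps this safe, but that contract is invisible at this call site and a later change could hand `$rendered` to the renderer or a template as if it were safe markup. A one-line comment above the concatenation would make the dependency explicit, e.g. `// Plain string, not safe markup: only valid as input to search_excerpt(), which strips all HTML tags.` prepareResults() continues past the end of the hunk, so where `$rendered` is actually consumed cannot be confirmed from here.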
@@ -126,6 +126,12 @@ function testSearchResultsComment() {
 $edit_comment['comment_body[0][format]'] = $full_html_format_id;
 $this->drupalPostForm('comment/reply/node/' . $node->id() .'/comment', $edit_comment, t('Save'));
+ // Post a comment with an evil script as its subject.
+ $edit_comment2 = array();
+ $edit_comment2['subject[0][value]'] = "";
+ $edit_comment2['comment_body[0][value]'] = '

goodbye

';
+ $this->drupalPostForm('comment/reply/node/' . $node->id() . '/comment', $edit_comment2, t('Save'));
+ // Invoke search index update.
 $this->drupalLogout();
 $this->cronRun();
@@ -152,6 +158,14 @@ function testSearchResultsComment() {
 $this->assertNoRaw(t('n/a'), 'HTML in comment body is not hidden.');
 $this->assertNoEscaped($edit_comment['comment_body[0][value]'], 'HTML in comment body is not escaped.');
+ // Search for the evil comment subject.
+ $edit = array(
+ 'keys' => "hello",
+ );
+ // Verify the evil comment subject is escaped in search results.
+ $this->drupalPostForm('search/node', $edit, t('Search'));
+ $this->assertRaw('alert('hello');');
+ // Hide comments.
 $this->drupalLogin($this->adminUser);
 $node->set('comment', CommentItemInterface::HIDDEN);
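Review bot: In the second hunk (`@@ -152,6 +158,14 @@`), the `$this->assertRaw(...)` that follows the search form post checks that the escaped form of the script subject appears in the results, but nothing asserts that the unescaped subject is absent, so a regression that emitted the raw tag in addition to the escaped text would still pass. Adding the negative check next to it pins the property the comment above it states: `$this->assertNoRaw($edit_comment2['subject[0][value]'], 'Comment subject script is not output raw in search results.');`. The literal subject, body and expected-output strings appear garbled in this copy of the diff (the subject assignment shows as an empty string and the body spans several lines), so the exact expected value cannot be checked here. testSearchResultsComment() begins before and ends after both hunks.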