diff --git a/core/modules/views/src/Tests/ViewsEscapingTest.php b/core/modules/views/src/Tests/ViewsEscapingTest.php
index 18e4acc..3c63086 100644
--- a/core/modules/views/src/Tests/ViewsEscapingTest.php
+++ b/core/modules/views/src/Tests/ViewsEscapingTest.php
@@ -19,7 +19,7 @@ class ViewsEscapingTest extends ViewTestBase {
 *
 * @var array
 */
- public static $testViews = array('test_page_display');
+ public static $testViews = array('test_page_display', 'test_field_header');
 
 /**
 * Used by WebTestBase::setup()
@@ -69,4 +69,21 @@ public function testViewsViewFieldsEscaping() {
 $this->assertNoEscaped('<');
 }
 
+ /**
+ * Tests for incorrectly escaped markup in a header label on a display table.
+ */
+ public function testViewsFieldHeaderEscaping() {
+ // Test with a field header label having an html element wrapper.
+ $this->drupalGet('test_field_header');
+
+ // Assert that there are no escaped '<'s characters.
+ $this->assertNoEscaped('<');
+
+ // Test with a field header label having a XSS test as a wrapper.
+ $this->drupalGet('test_field_header_xss');
+
+ // Assert that XSS test is escaped.
+ $this->assertNoRaw('', 'Harmful tags are escaped in header label.');
+ }
+
 }
diff --git a/core/modules/views/tests/modules/views_test_config/test_views/views.view.test_field_header.yml b/core/modules/views/tests/modules/views_test_config/test_views/views.view.test_field_header.yml
new file mode 100644
index 0000000..f603bc5
--- /dev/null
+++ b/core/modules/views/tests/modules/views_test_config/test_views/views.view.test_field_header.yml
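Review bot: The XSS case in `testViewsFieldHeaderEscaping` asserts only absence (`assertNoRaw`), which also passes when the header label is not rendered at all, so the test cannot tell "escaped" from "missing". As rendered here the needle is the empty string, `$this->assertNoRaw('', 'Harmful tags are escaped in header label.');`; that may be markup stripped by this view of the diff, but as shown the check is vacuous (an empty needle is not a meaningful search), and the same stripping shows in the new YAML's `element_label_type: script>alert("XSS")` for `page_2`, whose hunk runs past the end of this view. Pair the negative check with a positive one that the escaped form of the label is present, e.g. `$this->assertEscaped('<LABEL-MARKUP-PLACEHOLDER>', 'Harmful tags are escaped in header label.');`, so a blank or missing table header cannot make the test pass.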
@@ -0,0 +1,49 @@
+langcode: en
+status: true
+dependencies: { }
+id: test_field_header
+module: views
+description: ''
+tag: ''
+base_table: views_test_data
+base_field: nid
+core: '8'
+display:
+ default:
+ display_options:
+ fields:
+ name:
+ id: name
+ table: views_test_data
+ field: name
+ plugin_id: string
+ element_label_type: h2
+ style:
+ type: table
+ display_plugin: default
+ display_title: Master
+ id: default
+ position: 0
+ page_1:
+ display_options:
+ path: test_field_header
+ display_plugin: page
+ display_title: Page
+ id: page_1
+ position: 1
+ page_2:
+ display_options:
+ path: test_field_header_xss
+ defaults:
+ fields: false
+ fields:
+ name:
+ id: name
+ table: views_test_data
+ field: name
+ plugin_id: string
+ element_label_type: script>alert("XSS")