diff --git a/src/plugins/field_formats/common/converters/string.test.ts b/src/plugins/field_formats/common/converters/string.test.ts
index d691712b674d..e5e4023621d3 100644
--- a/src/plugins/field_formats/common/converters/string.test.ts
+++ b/src/plugins/field_formats/common/converters/string.test.ts
@@ -111,4 +111,18 @@ describe('String Format', () => {
       '<span class="ffString__emptyValue">(empty)</span>'
     );
   });
+
+  test('does escape value while highlighting', () => {
+    const string = new StringFormat();
+    expect(
+      stripSpan(
+        string.convert('<img />', 'html', {
+          field: { name: 'foo' },
+          hit: {
+            highlight: { foo: ['@kibana-highlighted-field@<img />@/kibana-highlighted-field@'] },
+          },
+        })
+      )
+    ).toBe('<mark>&lt;img /&gt;</mark>');
+  });
 });
diff --git a/src/plugins/field_formats/common/converters/string.ts b/src/plugins/field_formats/common/converters/string.ts
index 96cd78614780..a3d571897ef6 100644
--- a/src/plugins/field_formats/common/converters/string.ts
+++ b/src/plugins/field_formats/common/converters/string.ts
@@ -137,7 +137,7 @@ export class StringFormat extends FieldFormat {
     }
 
     return hit?.highlight?.[field?.name]
-      ? getHighlightHtml(val, hit.highlight[field.name])
+      ? getHighlightHtml(escape(val), hit.highlight[field.name])
       : escape(this.textConvert(val));
   };
 }