src/html/template/css.go | 2 +-
src/html/template/css_test.go | 2 ++
diff --git a/src/html/template/css.go b/src/html/template/css.go
index 890a0c6b227feb0f58f9a80aa40b5356ef47a840..f650d8b3e843a358f62383f8524fd2e2d0b4de35 100644
--- a/src/html/template/css.go
+++ b/src/html/template/css.go
@@ -238,7 +238,7 @@ // or quote characters to prevent the browser from restarting parsing
 // inside a string that might embed JavaScript source.
 for i, c := range b {
 switch c {
- case 0, '"', '\'', '(', ')', '/', ';', '@', '[', '\\', ']', '`', '{', '}':
+ case 0, '"', '\'', '(', ')', '/', ';', '@', '[', '\\', ']', '`', '{', '}', '<', '>':
 return filterFailsafe
 case '-':
 // Disallow .
diff --git a/src/html/template/css_test.go b/src/html/template/css_test.go
index a735638b0314f6694931d48cd529f615f5aed748..2b76256a766e93b81fbfd0465694e22695a91e41 100644
--- a/src/html/template/css_test.go
+++ b/src/html/template/css_test.go
@@ -231,6 +231,8 @@ {`-exp\52 ession(alert(1337))`, "ZgotmplZ"},
 {`-exp\000052 ession(alert(1337))`, "ZgotmplZ"},
 {`-expre\0000073sion`, "-expre\x073sion"},
 {`@import url evil.css`, "ZgotmplZ"},
+ {"<", "ZgotmplZ"},
+ {">", "ZgotmplZ"},
 }
 for _, test := range tests {
 got := cssValueFilter(test.css)
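Review bot: The comment directly above the loop still justifies the reject list only in terms of mismatched bracket and quote characters, so the new `'<', '>'` entries in the `case 0, ...` arm read as unmotivated; `<` and `>` are not CSS token-boundary characters, they are rejected so a filtered value can never form an HTML comment delimiter or close the enclosing element. I would add a line above that arm such as `// '<' and '>' are rejected independent of CSS syntax: a value must never be able to form an HTML comment delimiter or close the enclosing element.` The comment under `case '-':` (shown truncated as `// Disallow .` in this rendering) should be reconciled with the new check, since `<!--` is now rejected at its first byte and `-->` at its `>`, so the `--` rule is no longer the only thing keeping those sequences out. The check runs over the decoded bytes `b`, which presumably means escaped forms of these characters are normalized before reaching it — the `\52` cases in the test file suggest decoding happens upstream, but worth confirming. cssValueFilter begins and ends outside this hunk.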