Index: wp-includes/theme.php
===================================================================
--- wp-includes/theme.php	(revision 23582)
+++ wp-includes/theme.php	(working copy)
@@ -986,7 +986,7 @@
  * @since 2.1.0
  */
 function header_image() {
-	echo get_header_image();
+	echo esc_url( get_header_image() );
 }
 
 /**
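Review bot: The docblock above `header_image()` (it starts outside the hunk) does not say that the echoed value is now run through `esc_url()`, and that is the contract theme authors need to see. `get_header_image()` is not touched by this patch, so as far as this hunk shows it still returns the raw URL, and templates that echo it directly still have to escape it themselves. I would add a line such as ` * The URL is escaped with esc_url() before output; get_header_image() returns the raw value and must be escaped by the caller.` Note also that `esc_url()` returns an empty string for a URL whose scheme is not in the allowed protocol list, so a header image stored with an unusual scheme would now render as an empty `src`; it is worth confirming that no supported configuration relies on one.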
