Specifically, there's a line in the code that converts all <'s into < and >'s into >. I'd imagine that maybe removing the second one would help, but that doesn't remedy the problem.
I just think this site should just be recoded to not inject raw HTML to begin with.