Security. It is a vulnerability that occurs when there is an incompleteness in the implementation of HTML generation in places where the display changes according to external input such as the input form of the Web application. The impacts caused by cross site scripting (hereinafter XSS) are as follows. · Display a fake page on the real site, and personal information etc. entered by the user by phishing are stolen · The cookie stored on the user’s PC is illegally acquired, and the user suffers impersonation · It allows you to run arbitrary scripts on the user’s browser, and the functions of the web application are exploited under the authority of the user The vulnerability countermeasure of XSS is to exclude symbol characters (metacharacters such as “<” and “&”) having special meaning in HTML when displayed.