diff --git a/pom.xml b/pom.xml
index 6b89e231..404f554e 100644
--- a/pom.xml
+++ b/pom.xml
@@ -248,6 +248,11 @@
${fortify.version}}
+
+ org.springframework
+ spring-web
+ [4.0.9,)
+
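Review bot: The added spring-web dependency uses the open-ended range `[4.0.9,)`, so the resolved artifact can change from one build to the next and may jump to a new major release without review. That makes the build non-reproducible and widens the supply-chain exposure of a module that handles every HTTP request. The controller in this commit already returns `ResponseEntity`, which suggests spring-web is already on the classpath transitively; if a parent POM or BOM manages Spring versions (not visible in this hunk), omit the version element so this module stays aligned with the other Spring artifacts. Otherwise pin one reviewed release, e.g. `<version>PINNED_SPRING_VERSION</version>` (placeholder), rather than a range.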
diff --git a/src/main/java/com/microfocus/example/web/controllers/ProductController.java b/src/main/java/com/microfocus/example/web/controllers/ProductController.java
index 8a03f0b3..c97d6453 100644
--- a/src/main/java/com/microfocus/example/web/controllers/ProductController.java
+++ b/src/main/java/com/microfocus/example/web/controllers/ProductController.java
@@ -52,6 +52,7 @@ Insecure Web App (IWA)
import java.nio.file.Paths;
import java.security.Principal;
import java.util.*;
+import org.springframework.web.util.HtmlUtils;
/**
* Controller for product pages
@@ -88,7 +89,7 @@ String GetControllerName() {
@ResponseBody
public ResponseEntity getKeywordsContent(@Param("keywords") String keywords) {
- String retContent = "Product search using: " + keywords;
+ String retContent = "Product search using: " + HtmlUtils.htmlEscape(HtmlUtils.htmlUnescape(String.valueOf(keywords)));
return ResponseEntity.ok().body(retContent);
}
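Review bot: The `htmlUnescape` call wrapped inside `htmlEscape` on the new `retContent` line adds no protection and changes what is echoed back: a user who searches for the literal text `&lt;` will see `<` in the result. `htmlEscape` alone is the control here, so the line can be `String retContent = "Product search using: " + HtmlUtils.htmlEscape(String.valueOf(keywords));`. This encoding only suits HTML element content. The mapping annotation and the client code that consumes this response are outside the hunk, so please confirm the value is not placed into an attribute, script or URL context, and consider setting an explicit content type on the `ResponseEntity`. A short comment above the line, such as `// keywords is attacker-controlled; encode for HTML body context before reflecting`, would record why the call is there.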