Is there any specific function like htmlEscaper() for escaping VTL scripts in velocity template language?

I need to resolve Reflected XSS Cross site scripting vulnerability while using VTL script.

Solution

Using a text wrapper object.

$textFromUser.Escaped
$textFromUser.EscapedMultiLine
$textFromUser.PlainText

In this example, $textFromUser is defined in the context as a wrapper object with properties Escaped, EscapedMultiLine, and PlainText. The first property displays the text with the HTML codes escaped. The second also encodes carriage returns. The final property returns the text exactly as entered. If none of the three properties are given, the default text displayed should be Escaped.

Is it possible for a XSS attack to obtain HttpOnly cookies?
Simulate xss in angular
Laravel safe way to output text with line breaks
How to set a BeEF hook to a page
Best regex to catch XSS (Cross-site Scripting) attack (in Java)?
Determining XSS Attack Vulnerabilities
How can I sanitize user input with PHP?
How can I make sure that the array values are htmlencoded when using print_r and var_dump?
Content Security Policy: allowing all external images?
Post raw HTML data via AJAX to server with ModSecurity
Is <textarea> .value Cross-Site Scripting (XSS) safe?
Service Stack - Security XSS Query following pentest
HTML Sanitizer API - Angular (mXSS)
dangerouslySetInnerHTML not working with a <script>
How could I escape a value in custom JSP tag handler?
Assigning window.open causes a DOMException
How to safely run user-supplied Javascript code inside the browser?
HTML-Entity escaping to prevent XSS
AEM Rich Text Source Editor Anchor Tag Stripping href formed like Sightly tag
What would cause a java process to greatly exceed the Xmx or Xss limit?
How do I prevent people from doing XSS in Spring MVC?
how to set Http header X-XSS-Protection
PHP_SELF and XSS
AWS WAF Getting 403 forbidden error while trying to upload an image
XSS prevention in JSP/Servlet web application
Sanitizing user input before adding it to the DOM in Javascript
How do you configure HttpOnly cookies in tomcat / java webapps?
Is dangerouslySetInnerHTML in Next really dangerous? When is it acceptable to be used?
When is it best to sanitize user input?
Why does an empty method works like a sink in JavaScript?