diff --git a/package-lock.json b/package-lock.json
index 3837ccc1..91ac6f15 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,6 +1,6 @@
 {
   "name": "ucap-webmessenger",
-  "version": "0.0.5",
+  "version": "0.0.9",
   "lockfileVersion": 1,
   "requires": true,
   "dependencies": {
diff --git a/projects/ucap-webmessenger-app/src/app/layouts/messenger/components/messages.component.ts b/projects/ucap-webmessenger-app/src/app/layouts/messenger/components/messages.component.ts
index b0311a2e..adea76cd 100644
--- a/projects/ucap-webmessenger-app/src/app/layouts/messenger/components/messages.component.ts
+++ b/projects/ucap-webmessenger-app/src/app/layouts/messenger/components/messages.component.ts
@@ -36,6 +36,7 @@ import {
   of,
   BehaviorSubject
 } from 'rxjs';
+
 import {
   Info,
   EventType,
@@ -472,14 +473,14 @@ export class MessagesComponent implements OnInit, OnDestroy, AfterViewInit {
         return this.loginResSubject.value.userSeq !== roomUserInfo.seq;
       });
     } else {
-    return this.userInfoListSubject.value
-      .filter(roomUserInfo => {
-        return (
-          this.loginResSubject.value.userSeq !== roomUserInfo.seq &&
-          roomUserInfo.isJoinRoom
-        );
-      })
-      .sort((a, b) => (a.name < b.name ? -1 : a.name > b.name ? 1 : 0));
+      return this.userInfoListSubject.value
+        .filter(roomUserInfo => {
+          return (
+            this.loginResSubject.value.userSeq !== roomUserInfo.seq &&
+            roomUserInfo.isJoinRoom
+          );
+        })
+        .sort((a, b) => (a.name < b.name ? -1 : a.name > b.name ? 1 : 0));
     }
   }
 
@@ -733,7 +734,7 @@ export class MessagesComponent implements OnInit, OnDestroy, AfterViewInit {
           roomSeq: this.roomInfoSubject.value.roomSeq,
           eventType: EventType.MassText,
           // sentMessage: message.replace(/\n/gi, '\r\n')
-          sentMessage: message
+          sentMessage: StringUtil.escapeHtml(message)
         }
       })
     );
diff --git a/projects/ucap-webmessenger-ui/src/lib/utils/string.util.ts b/projects/ucap-webmessenger-ui/src/lib/utils/string.util.ts
index 68a5eec7..169e6e93 100644
--- a/projects/ucap-webmessenger-ui/src/lib/utils/string.util.ts
+++ b/projects/ucap-webmessenger-ui/src/lib/utils/string.util.ts
@@ -236,4 +236,18 @@ export class StringUtil {
     }
     return eventMessage;
   }
+
+  static escapeHtml(dirty: string): string {
+    return (dirty + '').replace(
+      /[&<>"']/g,
+      m =>
+        ({
+          '&': '&amp;',
+          '<': '&lt;',
+          '>': '&gt;',
+          '"': '&quot;',
+          "'": '&#39;'
+        }[m])
+    );
+  }
 }