I have below code to avoid xss-prevention
Issues but seems it's not working
<TD width="100%" class="InputColumn" colspan="2">
<TEXTAREA NAME="txt_name" ROWS="9" COLS="178"fld="ccom" onblur="javascript:trimInnerSpaces(this)"onchange="javascript:setccomSaveFlag();"><%=ESAPI.encoder().encodeForHTML(StUpCom)%></TEXTAREA>
</TD>
