I propose to delete two classes:
SecurityXssFilter - ecomp-portal-BE-os - org.onap.portalapp.filter
SecurityXssValidator - ecomp-portal-BE-os - org.onap.portalapp.filter

and in consequences:
SecurityXssValidatorTest

These classes are unused anywhere in the Portal project.
SecurityXssValidator has many XSS leaks and can be mistaken used to prevent from XSS. We should use Bean Validation 2.0 (JSR 380) to validate all classes in the project and to secure users from attacks.