diff --git a/src/main/java/itn/let/kakao/user/stepInfo/web/KakaoStepInfoController.java b/src/main/java/itn/let/kakao/user/stepInfo/web/KakaoStepInfoController.java
index d85d87b5..3dd67af8 100644
--- a/src/main/java/itn/let/kakao/user/stepInfo/web/KakaoStepInfoController.java
+++ b/src/main/java/itn/let/kakao/user/stepInfo/web/KakaoStepInfoController.java
@@ -43,7 +43,7 @@ public class KakaoStepInfoController {
 	@Resource(name = "EgovFileMngService")
 	private EgovFileMngService fileService;
 	
-	
+
 	/**
 	* @Method Name : selectKaKaoStepInfo
 	* @Project : mjon
@@ -122,6 +122,25 @@ public class KakaoStepInfoController {
 		searchVO.setBbsId(boardVO.getBbsId());
 		BoardMasterVO bbsMasterInfo = bbsAttrbService.selectBBSMasterInf(searchVO);
 		
+		/**
+		 * FAQ 타이틀 및 내용에 대한 XSS 변환 태그 원복
+		 * faqUnscript() 를 이용하여 디비에 변환 태그로 되어있는 코드를 다시 원복 시킴
+		 * ret.replaceAll("&lt;", "<").replaceAll("&gt;", ">");
+		 * 
+		 * */
+		for(int i=0; i<resultList.size(); i++) {
+			
+			String nttSj = resultList.get(i).getNttSj();
+			String nttCn = resultList.get(i).getNttCn();
+			
+			nttSj = faqUnscript(nttSj);
+			nttCn = faqUnscript(nttCn);
+			
+			resultList.get(i).setNttSj(nttSj);
+			resultList.get(i).setNttCn(nttCn);
+			
+		}
+		
 		model.addAttribute("bbsMasterInfo", bbsMasterInfo);
 		model.addAttribute("resultList", resultList);
 		model.addAttribute("resultCnt", map.get("resultCnt"));
@@ -146,4 +165,51 @@ public class KakaoStepInfoController {
 		
 		return "/web/kakao/intrd/KakaoAllimtalkIntro";
 	}
+	
+	
+	/**
+	 * XSS 방지 처리.
+	 *
+	 * @param data
+	 * @return
+	 */
+	protected String faqUnscript(String data) {
+		if (data == null || data.trim().equals("")) {
+			return "";
+		}
+
+		String ret = data;
+
+		ret = ret.replaceAll("<(S|s)(C|c)(R|r)(I|i)(P|p)(T|t)", "&lt;script");
+		ret = ret.replaceAll("</(S|s)(C|c)(R|r)(I|i)(P|p)(T|t)", "&lt;/script");
+
+		ret = ret.replaceAll("<(O|o)(B|b)(J|j)(E|e)(C|c)(T|t)", "&lt;object");
+		ret = ret.replaceAll("</(O|o)(B|b)(J|j)(E|e)(C|c)(T|t)", "&lt;/object");
+
+		ret = ret.replaceAll("<(A|a)(P|p)(P|p)(L|l)(E|e)(T|t)", "&lt;applet");
+		ret = ret.replaceAll("</(A|a)(P|p)(P|p)(L|l)(E|e)(T|t)", "&lt;/applet");
+
+		ret = ret.replaceAll("<(E|e)(M|m)(B|b)(E|e)(D|d)", "&lt;embed");
+		ret = ret.replaceAll("</(E|e)(M|m)(B|b)(E|e)(D|d)", "&lt;embed");
+
+		ret = ret.replaceAll("<(F|f)(O|o)(R|r)(M|m)", "&lt;form");
+		ret = ret.replaceAll("</(F|f)(O|o)(R|r)(M|m)", "&lt;form");
+
+		//ret = ret.replaceAll("<", "&lt;");
+		//ret = ret.replaceAll(">", "&gt;");
+		ret = ret.replaceAll("alert", "");
+		ret = ret.replaceAll("iframe", "");
+		
+		ret = ret.replaceAll("&lt;", "<").replaceAll("&gt;", ">");
+		ret = ret.replaceAll("&#40;", "\\(").replaceAll("&#41;", "\\)");
+		ret = ret.replaceAll("'", "&#39;");
+		ret = ret.replaceAll("eval\\((.*)\\)", "");
+		ret = ret.replaceAll("[\\\"\\\'][\\s]*javascript:(.*)[\\\"\\\']", "\"\"");
+		ret = ret.replaceAll("script", "");
+		
+		return ret;
+	}
+	
+	
+	
 }