diff --git a/XSS/XSS_level4.php b/XSS/XSS_level4.php
index 45939fc..5a2ee12 100644
--- a/XSS/XSS_level4.php
+++ b/XSS/XSS_level4.php
@@ -20,6 +20,7 @@ if (isset($_GET["username"])) {
 $values = array("script", "prompt", "alert", "h1");
 $user = str_replace($values, " ",$_GET["username"]);
+ $user = preg_replace("/<(.*)[S,s](.*)[C,c](.*)[R,r](.*)[I,i](.*)[P,p](.*)[T,t]>/i", "", $_GET["username"]);
 echo "$user";
 }
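Review bot: The added `preg_replace` line assigns `$user` from `$_GET["username"]` instead of from `$user`, so the `str_replace` blocklist computed on the preceding line is discarded before `echo "$user"` runs. If both filters are meant to apply in sequence, the third argument should be `$user`; the `/i` modifier also makes the `[S,s]`-style classes redundant, and each of those classes additionally matches a literal comma. The file path suggests a deliberately vulnerable lab level, so the weak filter may be intentional; a hardened version would encode at the output point, `echo htmlspecialchars($user, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');`, rather than rely on a pattern blocklist. The opening `if` line of the enclosing block appears only in the hunk header context, not in the hunk body.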