How to filter all post and get request for xss issues

We are having many number of controllers in our application and these controllers are using get and post requests, we want to filter these request from xss issues on application level. Is there any way to do this on application level so if there are any get or post request its gets purified.
We have already parameter binding ,CHtml::purifiers ,Chtml::encode but now want a solution which can pass through any security assessment tool.
Here are some request link examples
GET /application_name/page3/dependency?16ffd0cd302313598e4a18abe473b9f1bf6a2406=&TableLog_sort=created_on&_=1679697812770&dependency=/user/user/update&dependencyTabDropdownIndex=0’“()%26%25<ScRiPt%20>9aPQ(9906)&dependencyTabIndex=4&parentId=147058&parentPk=User%2C%20Profile
GARBAGE STRING given- 0’”()%26%25<ScRiPt%20>dV6E(9559)

One suggestion is to have all your controllers extend a BaseController, and in this BaseController you have a function beforeAction do your magic filtering before the action is run.

class BaseController extends CController {
  public function beforeAction() {
   // your code here

And all your existing controllers must extend from BaseController instead of CController:

class YourController extends BaseController {