Table of Contents
Glossary >
Cross-site Scripting (XSS)
These attacks enable attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same-origin policy. Flaws that allow these attacks to succeed are quite widespread and occur anywhere a web application uses input from a user within the output it generates, without validating or encoding it.