Cross-Site Scripting (XSS) is a type of attack where an attacker injects malicious scripts into a trusted website. These scripts execute in the victim’s browser, often stealing sensitive information like session cookies, credentials, or personal data. XSS exploits vulnerabilities in web applications that do not properly validate or escape user inputs. For example, in a forum application, if the input field for comments does not sanitize input, an attacker could inject
