XSS

XSS (Cross-Site Scripting) is a security vulnerability that allows an attacker to inject malicious JavaScript into a web page visited by other users. This can lead to the theft of cookies, modification of the content displayed or unauthorised actions. Protections include data escape, Content Security Policy (CSP) and server-side filters.