Cross-Site Scripting (XSS) is a type of computer security vulnerability typically found in web applications. This flaw allows an attacker to inject malicious scripts.
1. The Types of XSS
XSS flaws fall mainly into three broad categories: Stored XSS, Reflected XSS, and DOM-based XSS.
2. Prevention Techniques
- Strict Input Validation and Sanitization.
- Context-Aware Encoding.
- Content Security Policy (CSP).
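
The "Context-Aware Encoding" item above, as an added example that is not part of the original page: the same untrusted value needs a different encoder for each place it is written (HTML text, a URL attribute, a JavaScript string literal). All function names and sample values are hypothetical and constructed for illustration.

```javascript
// HTML element content and quoted attribute values.
function encodeHtml(value) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#x27;" };
  return String(value).replace(/[&<>"']/g, (c) => map[c]);
}

// Quoted JavaScript string literal inside an inline script block.
// Everything except letters, digits and space becomes \uXXXX, so the value
// cannot close the string literal or the enclosing script element.
function encodeJsString(value) {
  return String(value).replace(/[^A-Za-z0-9 ]/g, (c) =>
    "\\u" + c.charCodeAt(0).toString(16).padStart(4, "0"));
}

// URL written into href/src: allow only absolute http(s) URLs, then
// attribute-encode. Anything else (other schemes, relative or unparsable
// input) is replaced by "#".
function safeHref(value) {
  let url;
  try { url = new URL(String(value)); } catch { return "#"; }
  if (url.protocol !== "http:" && url.protocol !== "https:") return "#";
  return encodeHtml(url.href);
}

// Each sink uses the encoder that matches its context.
function renderProfile(name, website) {
  return [
    `<p>Hello, ${encodeHtml(name)}</p>`,
    `<a href="${safeHref(website)}">site</a>`,
    `<script>var userName = "${encodeJsString(name)}";</script>`,
  ].join("\n");
}

// Constructed sample input.
const sampleName = "</script><script>alert(1)</script>";
console.log(renderProfile(sampleName, "javascript:alert(1)"));

// Why one encoder is not enough: HTML encoding leaves a backslash untouched,
// which is unsafe inside a JavaScript string; the JS encoder neutralises it.
console.log(encodeHtml("a\\"), "vs", encodeJsString("a\\"));
```

Encoding handles the output side only; the input validation and CSP items in the list remain separate layers.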