Cross-Site Scripting (XSS)
← Back to Common Vulnerabilities
Injecting malicious scripts into web pages viewed by other users. Three types: Reflected (in URL parameters), Stored (persisted in database), and DOM-based (client-side JavaScript). Mitigations include output encoding, Content Security Policy (CSP), and sanitization libraries.