Injection Checked by Vezraa
Cross-Site Scripting (XSS)
An attack where malicious scripts are injected into web pages viewed by other users.
XSS allows attackers to inject JavaScript into your pages, which executes in other users' browsers. Common vectors include unsanitized user input in comments, profiles, and search results. Can lead to session hijacking and data theft.