XSS
acronymweb devsecurity
Stands for: Cross-Site Scripting
An attack that injects malicious script into a web page so it runs in other users' browsers.
Cross-Site Scripting exploits a page that reflects or stores untrusted input without escaping it, letting an attacker's JavaScript run with the victim's session. Output encoding and a Content Security Policy are the standard defences; it is a perennial OWASP Top 10 entry.
Also known as: xss, cross-site scripting, cross site scripting