### Cross-site scripting (XSS)

XSS refers to client-side code injection where the attacker injects malicious scripts into a legitimate website or web application. 
This is often achieved when the application does not validate user input and freely injects dynamic HTML content.