---
title: Cross-site scripting (XSS)
tags: Cross-site scripting (XSS)
---

Cross-site scripting (XSS) is a client-side code injection attack in which the attacker injects malicious scripts into a legitimate website or web application. It is often possible because the application does not validate user input and freely inserts it into dynamically generated HTML content.
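The following is an added example, not code from the original page. It contrasts a renderer that concatenates user input into HTML with one that encodes it first. The function names and sample inputs are constructed for illustration, and output encoding is shown as one common mitigation alongside the input validation mentioned above.

```javascript
// Added example: all names and sample inputs here are constructed for illustration.

// Vulnerable: user input is concatenated into markup with no encoding,
// so any tags it contains become part of the page structure.
function renderGreetingUnsafe(name) {
  return `<p class="greeting">Hello, ${name}!</p>`;
}

// Encode the characters that are significant in HTML text and in
// quoted attribute values, so input is always treated as data.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Hardened: same template, but the dynamic value is encoded on output.
function renderGreetingSafe(name) {
  return `<p class="greeting">Hello, ${escapeHtml(name)}!</p>`;
}

// Demo helper: list the element names a browser would see as opening tags.
// A simple regex is enough for this fixed template; it is not an HTML parser.
function tagNames(html) {
  return [...html.matchAll(/<([a-zA-Z][a-zA-Z0-9]*)\b[^>]*>/g)].map((m) => m[1].toLowerCase());
}

// Constructed inputs: one containing markup, one legitimate name with special characters.
const SAMPLE_MARKUP_INPUT = '<script>alert(1)</script>';
const SAMPLE_BENIGN_INPUT = "O'Brien & Sons";

for (const input of [SAMPLE_MARKUP_INPUT, SAMPLE_BENIGN_INPUT]) {
  const unsafe = renderGreetingUnsafe(input);
  const safe = renderGreetingSafe(input);
  console.log('input :', input);
  console.log('unsafe:', unsafe, '-> elements:', tagNames(unsafe));
  console.log('safe  :', safe, '-> elements:', tagNames(safe));
}
```

Encoding keeps the legitimate name intact for display while the template's element structure stays fixed at a single `p`, which is the property to check for in code review.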