What is Cross-site scripting?

Cross-site scripting also referred to as XSS is a security lapse in computers which allows the attackers to infuse client-side scripts into various web pages which are being seen by other users. It is responsible for about 85% of website security vulnerabilities. It is used by the attackers to surpass all kinds of access controls. This was also responsible for about 84%of all the security lapses as per the documents presented by Symantec in 2007.

The effects of XSS attacks vary with the sensitivity of the data handled by the vulnerable site in addition to the nature of security mitigation as imposed by the site owner. The extent may vary from minor to major security risks. XSS usually attack notable vulnerabilities in the web-based applications and their servers. Some of the well-known websites which have been affected by XSS are Facebook, Twitter, MySpace, YouTube, Orkut etc.