Cross Site Scripting

nouncandidate·updated May 12, 2026

GlossaryL1 — what DictionaryL2 — how used ThesaurusL3 — relations Universaleverything

A vulnerability that allows attackers to inject malicious code into an otherwise benign website. These scripts acquire the permissions of scripts generated by the target website and can therefore compromise the confidentiality and integrity of data transfers between the website and client. Websites are vulnerable if they display user supplied data from requests or forms without sanitizing the data so that it is not executable.

MWE

Classifications

per-axis with provenance

Entity Type

Vulnerability0%rule-basedmulti_axis_classifier_low_confidence.v1

?unassignedlast reviewed —

Sensitivity

Regulated72%llm-generatedllm:claude-haiku-4-5

?unassignedlast reviewed —

Information Class

—50%llm-generatedllm:claude-haiku-4-5

?unassignedlast reviewed —

Variants

8 surface forms

acronym: XSS
alternatephrasing: Cross-site scripting
plural: Cross Site ScriptingsCross-site scriptings
possessive: Cross Site Scripting'sCross-site scripting's
pluralpossessive: Cross Site Scriptings'Cross-site scriptings'

Continue to:Dictionary →How is this term used per framework?Thesaurus →How does this term relate to other terms?Universal →Everything in one page.