Definition:
Cross Site Scripting (XSS): Injection of malicious HTML tags into a website. XSS attacks exploit the trust users have for a website. Users assume all tags from a website will be legitimate, but attackers can use errors in the website to inject malicious tags. These errors can include fall into two primary categories: persistent, where the malicious tags are stored in the database and are not filtered, and reflected, where tags are part of the request itself and sent back to the user.
