
Cross-Site Scripting

Cross-site scripting, or XSS, occurs when an application fails to properly sanitize or encode user-controlled content before rendering it in a browser. Attackers may exploit XSS to steal session tokens, manipulate page content, redirect users, perform actions on behalf of victims, or compromise user trust. In application security and bug bounty programs, XSS remains a common and important vulnerability because it directly affects users, sessions, and client-side security.

User Input Accepted → Output Not Encoded → Script Executes in Browser → User Impact Created → Output Sanitized
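
The flow above in code, as an added example that is not part of the original page: a template that concatenates user input unencoded, next to the same template with HTML output encoding applied at render time. All function names and the sample input are constructed for illustration; the link helper goes slightly beyond the text by showing that a URL attribute needs a scheme allow-list in addition to encoding.

```javascript
// Added example (not from the original page). Names and sample input are hypothetical.

// Characters that change meaning in HTML element content and quoted attributes.
const HTML_ESCAPES = {
  "&": "&amp;",
  "<": "&lt;",
  ">": "&gt;",
  '"': "&quot;",
  "'": "&#39;",
};

// Encode a value for insertion into element content or a quoted attribute value.
function encodeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// "Before": user-controlled value is concatenated straight into markup,
// so any tags it contains are parsed by the browser as part of the page.
function renderGreetingUnsafe(name) {
  return `<p class="greeting">Hello, ${name}</p>`;
}

// "After": same template, value encoded at output time, so it renders as text.
function renderGreetingSafe(name) {
  return `<p class="greeting">Hello, ${encodeHtml(name)}</p>`;
}

// URL attributes are a different output context: encoding alone does not stop
// a non-http(s) scheme, so the scheme is allow-listed before the value is encoded.
function renderProfileLink(url, label) {
  let href = "#";
  try {
    const parsed = new URL(url);
    if (parsed.protocol === "http:" || parsed.protocol === "https:") {
      href = parsed.href;
    }
  } catch (_) {
    // Not an absolute URL: keep the inert "#" fallback.
  }
  return `<a href="${encodeHtml(href)}">${encodeHtml(label)}</a>`;
}

// Constructed sample input containing markup.
const sampleInput = '<script>document.title="x"</script>';

console.log(renderGreetingUnsafe(sampleInput));
console.log(renderGreetingSafe(sampleInput));
console.log(renderProfileLink("javascript:alert(1)", "profile"));
```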
