(
CROSS-Site
Scripting) Causing a user's Web browser to execute a malicious script. There are several ways this is done. One approach is to hide code in a "click here" hyperlink attached to a URL that points to a non-existent Web page. When the page is not found, the script is returned with the bogus URL, and the user's browser executes it.
An "XSS hole" is a vulnerability in an application that enables cross-site scripting to be exploited. See
parameter tampering,
buffer overflow and
CSRF.