what is cross site scripting code example
Example: Cross-site scripting
XSS if you fill in a search field for example, and that variable is used on the page somewhere, you could type in "bullshit." "bullstit" appears in the markup. If the idiot that wrote the code doesn't filter, limit, or otherwise sanitize that value. You could have a problem... Dr. Evil could just type in some script ij the search field right? <p>Your search for 'flowers <script>evil_script()</script>'