Cross-Site Scripting (XSS) is a network applications security vulnerability that uses scripts that run on client browser applications. Many web servers deliver dynamic page content to client browsers. This dynamic content includes client side scripts. If an attacker manages to inject their own scripts into the dynamic pages delivered from the server, then the client won’t be able to tell them from legitimate scripts and will execute them. This can lead to data being compromised.