Hackers are constantly experimenting with a wide repertoire of hacking techniques to compromise websites and web applications and make off with a treasure trove of sensitive data including credit card numbers, social security numbers and even medical records.
Cross Site Scripting (also known as XSS or CSS) is generally believed to be one of the most common application layer hacking techniques. As a matter of fact, the Web Hacking Incident Database for 2011 (WHID) clearly shows that whilst many different attack methods exist, SQL injection and XSS are the most popular. To add to this, many other attack vectors, such as Information Disclosures, Content Spoofing and Stolen Credentials could all be side-effects of an XSS attack.
Read the full article to know more about Cross Site Scripting attacks. The article also features practical examples.