a web security vulnerability that allows attackers to inject malicious code into a legitimate website.

Cross-site scripting (XSS) is a web security attack that involves injecting malicious scripts into a trusted website or application: