Saturday 8 December 2018

XSS

Common preventions against XSS

Cross-site Scripting (XSS) Attack

"Cross-site Scripting (XSS) refers to client-side code injection attack wherein an attacker can execute malicious scripts (also commonly referred to as a malicious payload) into a legitimate website or web application. XSS is amongst the most rampant of web application vulnerabilities and occurs when a web application makes use of unvalidated or unencoded user input within the output it generates."

How it works

Preventions
  • Basic input validation in client-side code
  • Strong input validation in server-side code, including retrieving all possible valid input values from the database to validate input against

Source Article:
https://www.acunetix.com/websitesecurity/cross-site-scripting
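
The server-side check from the Preventions list, combined with the output encoding the quoted definition refers to, as an added example that is not from the original post or the source article. The field names, the in-memory set standing in for valid values loaded from the database, and the sample requests are assumptions made for illustration:

```javascript
// Added example: names and sample data below are constructed for illustration.

// Stand-in for the list of valid values a server would load from its database.
const VALID_CATEGORIES = new Set(["books", "music", "games"]);

// Server-side allow-list check: accept only values that exist in the stored set.
function validateCategory(input) {
  if (typeof input !== "string") return null;
  const value = input.trim().toLowerCase();
  return VALID_CATEGORIES.has(value) ? value : null;
}

// Free-text fields cannot be allow-listed by value, so constrain length and
// character set on the server, whatever the client-side check did.
function validateDisplayName(input) {
  if (typeof input !== "string") return null;
  const value = input.trim();
  return /^[\p{L}\p{N} ._'-]{1,40}$/u.test(value) ? value : null;
}

// Encode for an HTML text or quoted-attribute context before output.
const HTML_ESCAPES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
function encodeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Build the response fragment: reject invalid input, encode everything echoed.
function renderGreeting(query) {
  const category = validateCategory(query.category);
  const name = validateDisplayName(query.name);
  if (category === null || name === null) {
    return { status: 400, body: "<p>Invalid input.</p>" };
  }
  return {
    status: 200,
    body: `<p>Hello ${encodeHtml(name)}, showing ${encodeHtml(category)}.</p>`,
  };
}

// Constructed sample requests.
const samples = [
  { name: "O'Brien", category: "Books" },
  { name: "<script>alert(1)</script>", category: "books" },
  { name: "Ana", category: "books<img src=x>" },
];
for (const q of samples) console.log(JSON.stringify(renderGreeting(q)));
```

Validation rejects the second and third requests outright; the first passes validation and is still encoded on output, because a valid name such as O'Brien contains a character that is significant inside a quoted HTML attribute.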
