Chapter 5: XSS and Stolen Cookies


Cross-site scripting (XSS) is one of the most common vulnerabilities. Unlike other vulnerabilities, it stems from undocumented features of a page on the site that the attacker visits; these features allow him or her to change the contents of the page.


Cross-site scripting (XSS) is a vulnerability that results from insufficient filtering of data that is received from a malicious person and then sent to third parties.

Therefore, systems that receive data from users and display it in other users' browsers are vulnerable to an XSS attack.

Examples of such systems are chats, forums, and Web mail.
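The following added example (not from the original chapter) shows the "insufficient filtration" described above in a hypothetical forum post renderer, next to a version that encodes user data before it is sent to other users' browsers. The function names, the sample posts, and the tag-counting check are all assumptions constructed for illustration.

```javascript
// Added example: a minimal forum/chat post renderer (hypothetical names).
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encode every character that can change how the browser parses the HTML.
// A single pass avoids double-encoding the '&' of an entity just produced.
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Insufficient filtering: user data is concatenated into the markup as-is,
// so whatever one user typed is parsed as HTML by every other reader.
function renderPostUnsafe(post) {
  return '<div class="post"><b>' + post.author + '</b>: ' + post.body + '</div>';
}

// Output encoding: user data remains text, whatever it contains.
function renderPostSafe(post) {
  return '<div class="post"><b>' + escapeHtml(post.author) + '</b>: ' +
         escapeHtml(post.body) + '</div>';
}

// Defender's check: count the tags in the rendered HTML.
function countTags(html) {
  return (html.match(/<[a-zA-Z\/][^>]*>/g) || []).length;
}

// The template itself contributes exactly four tags: <div>, <b>, </b>, </div>.
const TEMPLATE_TAGS = 4;

// Constructed sample input.
const samplePosts = [
  { author: 'alice', body: 'Hello, everyone!' },
  { author: 'mallory', body: '<script>alert(1)</script>' },
  { author: 'bob', body: 'Use a < b && c > d in the loop' },
];

// Report, per post, whether user data introduced markup of its own.
function audit(posts, render) {
  return posts.map((post) => ({
    author: post.author,
    injected: countTags(render(post)) > TEMPLATE_TAGS,
  }));
}

console.log('unsafe:', audit(samplePosts, renderPostUnsafe));
console.log('safe:  ', audit(samplePosts, renderPostSafe));
```

Only the second post adds tags in the unsafe renderer; the third post contains `<` and `>` but forms no tag, and the safe renderer still displays it exactly as typed.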

