Question: What is an XSS vulnerability? Should I be concerned about an XSS vulnerability?
XSS (short for Cross-Site Scripting) is a widespread vulnerability that affects many web applications. The danger behind XSS is that it allows an attacker to inject content into a website and modify how it is displayed, forcing a victim’s browser to execute the code provided by the attacker while loading the page.
Generally XSS vulnerabilities require some type of interaction by the user to trigger the vulnerability, either via social engineering, or waiting for someone to visit a specific page. That’s why it’s often not taken seriously by developers, but if left unpatched, can be very dangerous.