!!! Overview[1]
[{$pagename}] ([XSS]) is a type of computer security [Exploit] typically found in [HTTP]. 

[{$pagename}] enables [attackers] to inject client-side scripts into web pages viewed by other users. 

[{$pagename}] [vulnerability] may be used by [attackers] to bypass [access Controls] such as the same-origin policy. 

[{$pagename}] carried out on websites __accounted for roughly 84%__ of all security vulnerabilities documented by Symantec as of [2007|Year 2007].

The effect may range from a petty nuisance to a significant security [risk], depending on the sensitivity of the data handled by the vulnerable site and the nature of any security mitigation implemented by the site's owner.


[Content-Security-Policy] [HTTP Response Header] allows web site administrators to control resources the [User-agent] is allowed to load for a given page. With a few exceptions, policies mostly involve specifying server origins and script endpoints. This helps guard against [{$pagename}] [Attacks].

!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
----
* [#1] - [Cross-site_scripting|Wikipedia:Cross-site_scripting|target='_blank'] - based on information obtained 2016-08-08-