Web security is like a generational game of leapfrog being played between malicious users on one side and site administrators and security specialists on the other. Every few years (or even months) a new class of exploit emerges against which the good guys must scramble a response.
Today, one of the most common methods of attack is Cross-Site Scripting (XSS), against which up to 70 percent of websites are thought to be vulnerable according to Kunal Anand, co-founder of Web security startup Prevoty. XSS is the execution of malicious JavaScript code by the user in Web or mobile browsers and rich clients....
