Cross-site scripting (XSS) is an exploit where the attacker attaches code onto a legitimate website that will execute when the victim loads the website. That malicious code can be inserted in several ways. Most popularly, it is either added to the end of a url or posted directly onto a page that displays user-generated content. In more technical terms, cross-site scripting is a client-side code injection attack. Learn more in the Cloudflare Learning Center.

• What is cross-site scripting?

Knowledge in Action
The Cloudflare WAF is available on both the Pro and Business plans, upgrade here.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.