You’ve probably heard about Cross-Site Scripting (XSS) before, but did you know that it comes in multiple forms?

Each type targets a different part of your application, and understanding the differences is essential for building secure frontend applications.

Let's start with the basics.

What is XSS?

Cross-Site Scripting (XSS) is a security vulnerability that allows an attacker to inject malicious code, typically JavaScript, into a web page.