What is cross-site scripting attack (XSS attack)?

Cross-site scripting attack is an attack that exploits flaws in Web browsing applications such as Microsoft Internet Explorer, Mozilla Firefox, Safari or Google Chrome, and allows arbitrary code injection that redirects requests to a bogus or malicious website.

Cross-site scripting attacks are increasing in number and today almost 80 per cent of all Web attacks are XSS attacks.

Affected users may be exposed to serious security risks such as theft of personal information and other threats.

External references:

Learn more about cross-site scripting attacks

You might be also interested in these articles:

What is clipboard hijacking attack?
What is browser vulnerability and how can I protect myself from browser exploits?
The New Kaspersky Internet Security 2011 Launch!
What is phishing and how do I prevent phishing attacks?