Cross-site scripting (XSS) attacks are one of today's major attack vectors, exploiting vulnerable websites and using browsers to steal cookies or engage in financial transactions. Cross-site scripting flaws are common, and require organizations to implement a thorough secure development lifecycle that includes threat modeling, scanning tools and extensive security awareness to achieve best possible posture of