Cross site scripting (XSS) is identified as one of the main threats to web users by the OWASP Foundation. XSS occurs when a malicious third party injects a script into content served by your website.