This post we'll be talking about Cross Site Scripting or XSS and what steps to take to prevent this type of security breach on your Drupal site. Without going into the gory details, XSS allows a malicious user to insert a script into one of your web pages, that can be used to steal other user's identities, craft phishing attacks, and bypass access controls. For more detailed examples of XSS attacks see: http://ha.ckers.org/xss.html.
