A type of security vulnerability, found in web-connected applications, that can be used to bypass controls. XSS vulnerability facilitates a hacker adding script to web pages in violation of same-origin policy rules that would normally restrict changes to web pages to approved users.