This site needs JavaScript to work!
If your site allows users to add content, you need to be sure that attackers cannot inject malicious JavaScript. One method of doing this is called cross-site scripting (XSS).
Let's see how an attacker could take advantage of cross-site scripting.
upvote()