Code injection (XSS), methods of influence, and getting unauthorized access of a website by which a hacker goes to work.
the history of security holes in vulnerable to XSS attacks to 1996 and the early years web pages. at the time that the protocol HTTP, like web designers, sometimes from languages, process programming such as Java script of profit and claims. found when users enter a site gets can be used to help the coding in the security holes, ... another page in the same page load ... then with the profits of JavaScript, user data such as username, password or Cookie (Cookie) , stole.
At this time, the media of these problems to the weakness of security browsers than were given. Company communication Netscape, that one of the first producers of web browsers and also constructive language, javascript, was, Policy, personal domain to the language added that the front of the access to the address outside of the domain of website can take place, and somewhat of these attacks is limited.