Securing PHP Web Applications: Cross-Site Scripting

InformIT: Securing PHP Web Applications: Cross-Site Scripting > What Is XSS?: "In this chapter, we cover a special type of injection attack called cross-site scripting, or XSS. This is a special type of code injection attack (remember those from Chapter 5, “Input Validation”?) that doesn’t affect your system as much as it affects your users. Our example guestbook is exactly the type of site that is vulnerable to these attacks."