Advanced – Security Testing
Cross-Site Scripting (XSS) – ISTQB Definition
Last Updated: July 12, 2026 · SoftwareTestPilot QA Team
Official ISTQB Definition
A vulnerability in which attackers inject malicious scripts into content that is then delivered to other users.
In simple words
Attacker gets their JavaScript to run in another user's browser session.
Exam tip
Fix by output-encoding and a strong Content Security Policy.
Related terms
Practice this term in the ISTQB Mock Test
40 CTFL v4.0 questions, 60-minute timer, instant scoring and chapter-wise breakdown.
Practice in Mock Test