Test your skills
- Charle Faru
The script in this example can then access the banking application with the privileges of the victim, potentially disclosing secret information or transferring money without the victim's authorization. A solution to XSS vulnerabilities is to use HTML escaping whenever displaying untrusted data. Some browsers include partial protection against reflected XSS attacks, in which the attacker provides a URL including malicious script.