Cross-Site Scripting, as seen previously, happens when the data shown to the user is not correctly encoded and the browser interprets it as script code and executes it. This also has an input validation factor, as a malicious code is usually inserted through input variables.

In this recipe, we will cover the input validation and output encoding required for developers to prevent XSS vulnerabilities in their applications.