Modern web browsers can grab geographic location data from the devices in which they are installed, be it the Wi-Fi network in a computer or the GPS and cellular information in a mobile phone. An application using HTML5 and vulnerable to XSS may expose location data of its users.