
The College of Education for Pure Sciences, Department of Computers, University of Basra, discussed a master's thesis on preventing Cross-Site Scripting (XSS) attacks.
The thesis, submitted by master's student Iman Farid Khazal, describes the Cross-Site Scripting (XSS) attack as an injection attack that exploits loopholes in web applications to access sensitive user data. This harms both the user and the web application. There are several types of XSS attack. A method has been suggested to prevent Reflected XSS, the most common type, which is injected into a link. A method has also been proposed to prevent Stored XSS, the most dangerous type: because it is stored within the database of the injected page, it harms every user who visits the page.
Thesis aim
The aim is to find a solution to the two types above. The thesis proposed a PRS server that protects the user from the injected link, and a PSS server that protects the web application from the injected input. PRS and PSS were applied to web applications containing the vulnerability, and both the injected link and the injected input were successfully sanitized.
Thus, the damage of XSS vulnerabilities in web applications has been reduced, as the user can click on any link safely when using PRS. The user can also visit PSS-protected web pages without being harmed by malicious script injection.