This post concentrates on my recent research regarding reflective Cross-Site Scripting (XSS or CSS) vulnerabilities within the most popular web browsers. The setup that is used to test the browsers is done within virtualised environment, using Damn Vulnerable Web Application (DVWA) hosted by XAMPP Apache server. 360 more words