(CROSS-Site Scripting) Causing a user's Web browser to execute a malicious script. There are several ways this is done. One approach is to hide code in a "click here" hyperlink attached to a URL that points to a non-existent Web page. When the page is not found, the script is returned with the bogus URL, and the user's browser executes it. An "XSS hole" is a vulnerability in an application that enables cross-site scripting to be exploited. See parameter tampering and CSRF.