Cross-site scripting vulnerabilities are the most commonly detected vulnerabilities in Web applications. They are also one of the most frequently targeted flaws by cybercriminals. It enables an attacker to send malicious scripts by relaying the script from an otherwise trusted URL, according to Cenzic. XSS vulnerabilities appear in 61 percent of applications, the firm said. While much has been said about detecting and fixing XSS errors, the Internet is still riddled with Web applications that contain them. They can be detected with a Web application security scanner or blocked using a Web application firewall.