This vulnerability allows an attacker to either permanently or temporarily inject client-side code into the target website. This code executes when the page is loaded by the victim and the client-side code may carry out activities such as: stealing cookies/sessions, modifying the page contents, logging key strokes, etc.
There are two types of Cross-site Scripting:
How do I fix Cross-site Scripting?
The following posts provided specific details for fixing Cross-site Scripting vulnerabilities in various programming languages and through a variety of methods.