XSS measures are implemented during system development and operation.
Cross-site scripting (XSS) is a well-known attack (hacking) technique for websites. In simple terms, it means “embed malicious script into another person’s website”.
|About measures on the system side||About measures on the server side|
|Pre-release audits with vulnerability diagnostic tools (OWASP ZAP, openVAS)||adjust apache
Adjust cookies on the PHP side
Defense with WAF (Web application firewall)