The Web has vastly expanded over the past couple of decades, and with this came the emergence of thousands of vulnerabilities, and subsequently, attacks across the Internet. But why is the Web source for so many vulnerabilities? The truth is that the Web gathers all of three factors that mainly influence vulnerabilities, which are:
XML injections are simple vulnerabilities, in which a server doesn't check for user input; this input will then be badly interpreted by the server's XML interpreter.
XSS (or Cross Site Scripting) vulnerabilities envolve running illegal code (scripts), introduced by an attacker, in the victim's browser (typically JavaScript). XSS vulnerabilities are some of the more common web app security issues (according to OWASP, Top3 vulnerability in 2013, Top7 in 2017).