Cross-Site Scripting - vulnerability where malicious scripts are injected into trusted websites. Like someone putting fake signs in a store to mislead customers.
Web developers sanitize user inputs to prevent XSS attacks that could steal user credentials or personal data.