While the definition is ever expanding, cross script scripting (XSS) attacks are generally considered a type of injection problem where malicious input is injected into an otherwise trusted web page causing an unexpected behavior such as sending data to or from an unknown third party web site (cross site).

FORBES: Security Firm F-Secure Has Security Flaw In Web Site