Cross-Site Scripting (XSS) is a web application vulnerability where attackers inject malicious scripts into web pages viewed by other users.