Cross-site scripting (XSS) is a vulnerability that allows an attacker to inject malicious scripts into web pages viewed by other users. Prevention measures include input validation and output encoding. A simple Flask handler that HTML-escapes user input before reflecting it in the response (output encoding) might look like this:
```python
from flask import Flask, request
from markupsafe import escape  # Flask's own dependency; provides HTML escaping

app = Flask(__name__)


@app.route('/submit', methods=['POST'])
def submit():
    user_input = request.form['user_input']
    # HTML-encode the value on output so the browser treats it as text, not markup
    sanitized_input = escape(user_input)
    return f'You entered: {sanitized_input}'


if __name__ == '__main__':
    app.run()
```
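The handler above applies output encoding only. The following added example (not code from the original page) combines both measures named above: allow-list input validation for constrained fields and HTML encoding at output. It uses the standard library's `html.escape` so it runs without Flask; the field names, the username policy and the sample inputs are assumptions made for this example.

```python
import html
import re
from urllib.parse import urlsplit

# Hypothetical allow-list policy for this example: 3-20 letters, digits, underscore.
USERNAME_RE = re.compile(r'[A-Za-z0-9_]{3,20}')
ALLOWED_SCHEMES = {'http', 'https'}


def validate_username(value: str) -> bool:
    """Input validation: accept only values matching the allow-list."""
    return USERNAME_RE.fullmatch(value) is not None


def validate_url(value: str) -> bool:
    """Input validation: accept only absolute http(s) URLs that name a host."""
    try:
        parts = urlsplit(value)
    except ValueError:  # e.g. malformed IPv6 literal
        return False
    return parts.scheme.lower() in ALLOWED_SCHEMES and bool(parts.netloc)


def render_comment(username: str, website: str, comment: str) -> str:
    """Validate the constrained fields, then encode every value at output."""
    if not validate_username(username):
        raise ValueError('invalid username')
    if not validate_url(website):
        raise ValueError('invalid website URL')
    # Free text cannot be allow-listed, so output encoding is the control for it.
    # quote=True also encodes " and ', which matters inside the href attribute.
    return (
        f'<p><a href="{html.escape(website, quote=True)}">'
        f'{html.escape(username)}</a>: {html.escape(comment)}</p>'
    )

# Constructed sample inputs (not from the original page).
SAMPLES = [
    ('alice_01', 'https://example.com/?a=1&b=2', 'I <3 <b>bold</b> text'),
    ('alice_01', 'javascript:alert(1)', 'hello'),
    ('<script>x</script>', 'https://example.com/', 'hello'),
]

if __name__ == '__main__':
    for sample in SAMPLES:
        try:
            print(render_comment(*sample))
        except ValueError as exc:
            print(f'rejected: {exc}')
```

The second sample is rejected by URL validation even though HTML escaping would leave it unchanged, which is why encoding alone does not cover values placed in a URL attribute.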