Something that's becoming more and more of an issue with the web today is a scary little thing called "cross-site scripting". It is an, unfortunately, all too simple way for someone to figure out how to bypass certain restrictions on your site. Fortunately, DevShed has a new article that covers this topic and provides some helpful hints on how to protect you and your data.

Cross-site scripting can best be defined as a method of using loopholes in your code to execute arbitrary code/SQL/javascript/etc against your wishes. This can range from a simple, harmless Javascript popup all the way to what is called a "SQL injection" - the execution of user-inputted SQL to gain access to information that was never intended to see the average user's eyes.

They give several tips on how to keep you and your site safe from the ravages of this malicious little web security hole...