Explain Cross-Site Scripting, or XSS, attacks and the different types. How do you prevent XSS in a modern React or Vue application, and what role does Content Security Policy play?

Sample answer preview

Cross-Site Scripting, or XSS, is a vulnerability that allows attackers to inject malicious scripts into web pages viewed by other users. It remains one of the most common web vulnerabilities despite being well understood. There are three main types of XSS.