An attacker embeds malicious scripts in content that will be served to web
						browsers. The goal of the attack is for the target software, the client-side
						browser, to execute the script with the users' privilege level.