Cross-site scripting flaws refers to programming errors commonly found on commercial websites that phishers and online scam artists can use to trick users into giving away personal and financial data.