2016-05-16

Final Question 6.

James Lane Tyler Jones Henry Spivey

XSS (Cross-Site Scripting): An attack where an attacker enters malicious script and/or markup into a form and then posts it to a site. If another user navigates to the page where the malicious form was submitted, the browser will then parse and execute the malicious code.

CSRF (Cross Site Request Forgery): An attack where a user may be logged into a site such as an online bank account and, because they are logged in, the cookies and credentials are set in the browser. If the user then navigates to a malicious site while they are still logged into the bank, that malicious site could have a link to execute some activity on the bank's site, such as transferring money or withdrawing, without the user's knowledge.

Click Jacking: An attack that tricks a user into inadvertently clicking on something other than what they intended to or may physically see. An example is when a malicious <iFrame> is loaded over a legitimate-looking site and its z-index is set so it's overlaid on top of the site the user believes they are on. The CSS opacity is set to 0 so it's transparent. There may be invisible buttons to perform some malicious activity overlaid on top of a button the user intends to click on.
(Edited: 2016-05-16)
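
A defender's view of the three attacks defined above, as an added example that is not part of the original post: output encoding for the XSS case, and a response-header audit for the CSRF and click jacking cases. The function names, cookie name and sample headers are constructed for illustration.

```javascript
// XSS: encode user-supplied text before placing it in HTML so the browser
// treats it as text, not markup.
function escapeHtml(text) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(text).replace(/[&<>"']/g, (ch) => map[ch]);
}

function renderComment(userText) {
  return '<p class="comment">' + escapeHtml(userText) + '</p>';
}

// CSRF and click jacking: audit a response's headers (lower-cased names).
function auditResponse(headers) {
  const findings = [];
  const cookies = [].concat(headers['set-cookie'] || []);
  for (const cookie of cookies) {
    const name = cookie.split('=')[0].trim();
    const attrs = cookie.toLowerCase().split(';').slice(1).map((a) => a.trim());
    // Without SameSite=Lax/Strict the cookie may ride along on requests
    // started by another site, which is what CSRF relies on.
    if (!attrs.includes('samesite=strict') && !attrs.includes('samesite=lax')) {
      findings.push('csrf: cookie ' + name + ' lacks SameSite=Lax or Strict');
    }
  }
  // Framing controls stop other origins from loading the page in an iframe.
  const xfo = (headers['x-frame-options'] || '').toLowerCase().trim();
  const csp = (headers['content-security-policy'] || '').toLowerCase();
  if (!['deny', 'sameorigin'].includes(xfo) && !/frame-ancestors\s/.test(csp)) {
    findings.push('clickjacking: no X-Frame-Options or CSP frame-ancestors');
  }
  return findings;
}

// Constructed sample responses (not captured from a real site).
const weak = { 'set-cookie': ['session=abc123; Path=/; HttpOnly'] };
const hardened = {
  'set-cookie': ['session=abc123; Path=/; HttpOnly; Secure; SameSite=Strict'],
  'content-security-policy': "frame-ancestors 'none'",
};

console.log(renderComment('<script>alert(1)</script>'));
console.log(auditResponse(weak));
console.log(auditResponse(hardened));
```

SameSite cookies reduce CSRF exposure but are normally paired with a per-session anti-CSRF token on state-changing requests.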