Cross-site scripting (XSS) attacks have been on the rise in the United States and Europe, up more than 160 percent from October to December of last year, according to a cloud hosting provider. On Tuesday, London-based FireHost released findings that XSS attacks blocked by FireHost's servers increased from more than one million to 2.6 million during the time studied, outpacing all of the common web attack vectors, including SQL injection. XSS is carried out when an attacker inserts malicious code into web pages, potentially allowing them to access information stored in the browser, such as cookies and session tokens.