1. Cook S A web developer's guide to cross-site scripting http://www.giac.org/practical/GSEC/Steve_Cook_GSEC 2003
2. HTML5Web Applications http://www.w3schools.com/html/html5_intro.asp
3. CERT Advisory ca-2000-02 malicious html tags embedded in client web requests http://www.cert.org/advisories/CA-2000-02.html 2000
4. Acunetix Web Application Vulnerability Report https://www.acunetix.com/blog/articles/acunetix-web-application-vulnerability-report-2015/ 2015
5. The Open Web Application Security Project (OWASP) OWASP Top Ten Project http://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project 2010