Cross Site Scripting (XSS) is currently the most common vulnerability in the world. This is vulnerability of some host which allows anyone to inject code/scripts into the page. The injected scripts could be HTML tags, javascript script, vbscript scripts. Israel airline, Myspace, MTV website, Sweden government, Bangladesh bank, Nasa sub domain, Brown University, Afghanistan government website and Rome government website. Hacker with virtual name ‘Human mind cracker’ expose similar v ulnerabilities in some big and Important sites.
Source: https://thehackernews.com/2012/11/airline-myspace-banks-government.html