| This is a documentation subpage for Template:XSS alert (see that page for the template itself).
It contains usage information, categories, interlanguage links and other content that is not part of the original template page.
- Adds an alert box describing a Cross-site scripting vulnerability in including Extension page. Also adds including page to mw:Category:Extensions with XSS vulnerabilities
- If your extension was tagged with this template please read
| WARNING: the code or configuration described here poses a major security risk.
Problem: Vulnerable to Cross-site scripting attacks, because it passes user input directly to the browser. This may lead to user accounts being hijacked, among other things.