While some still debate the risks associated with cross-site scripting (XSS) attacks, after the high exposure attacks against MySpace and Hotmail the pendulum has definitly swung in the direction of treating XSS as seriously as other more common injection type attacks. Either way, as with most things involving security on the web, it never hurts to err on the side of caution. The trick with XSS is that since the problem isn't specific to a particular technology, it can be tricky to know if you are vulnerable. Here are five common XSS injection techniques to check for any time you accept user input on your site.