XSS is the most prevalent web application security flaw.
The security flaw is currently being exploited in limited targeted attacks, without any development.