# Cross-site Scripting

> Cross-site scripting (XSS) is a type of security vulnerability that can be found in some web applications. XSS attacks enable attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same-origin policy. Cross-site scripting carried out on websites accounted for roughly 84% of all security vulnerabilities documented by Symantec up until 2007.
>
> *Wikipedia ([https://en.wikipedia.org/wiki/Cross-site_scripting](https://en.wikipedia.org/wiki/Cross-site_scripting))*

## Escaping text

{% hint style="warning" %}
**You should not use this function for database queries.**

It is not designed for use with databases. Use [DatabaseManager](/1.0.0/dev/libraries-and-functions/databasemanager.md) to escape database queries.
{% endhint %}

There are two ways to escape text in Saturn: the XSS library's `Escape()` function or the Saturn Core `Out()` function.

{% code title="XSS Library" %}

```php
use Saturn\SecurityManager\XSS;

// Instantiate the XSS library.
$XSS = new XSS();

// Escape the text held in $Data.
$XSS->Escape($Data);
```

{% endcode %}

{% code title="Saturn Core" %}

```php
Out($Data);
```

{% endcode %}

The Saturn Core function uses the XSS library's function, so it's often easier to just use `Out()` instead.
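Why the database warning above matters, shown as an added example that is not Saturn's own code. It assumes PHP's `htmlspecialchars()` as a stand-in for an HTML output escaper and PDO with an in-memory SQLite database (needs the `pdo_sqlite` extension) in place of DatabaseManager; the `escape_html` helper, the `customers` table and the sample value are hypothetical.

```php
<?php
// Stand-in for an HTML output escaper. Saturn's Escape()/Out() internals are
// not shown on this page, so using htmlspecialchars() here is an assumption.
function escape_html(string $text): string
{
    return htmlspecialchars($text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed sample input: ordinary text containing HTML-significant characters.
$name = "O'Brien & Sons <Ltd>";

// PDO stands in for DatabaseManager (assumption); the table is hypothetical.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE customers (id INTEGER PRIMARY KEY, name TEXT)');
$insert = $db->prepare('INSERT INTO customers (name) VALUES (:name)');

// Row 1, wrong tool: HTML-escaping before storage. The database now holds
// HTML entities instead of the real name, and SQL safety came only from the
// bound parameter, not from the HTML escaping.
$insert->execute([':name' => escape_html($name)]);

// Row 2, right tool: bind the raw value and leave HTML escaping to output time.
$insert->execute([':name' => $name]);

$rows = $db->query('SELECT id, name FROM customers ORDER BY id')
           ->fetchAll(PDO::FETCH_ASSOC);

foreach ($rows as $row) {
    // "stored" is what searches, exports and other consumers of the table see.
    printf("row %d stored:   %s\n", $row['id'], $row['name']);
    // "rendered" is the value escaped once more at output, as a template would.
    // Row 1 comes out double-encoded; row 2 is escaped exactly once.
    printf("row %d rendered: %s\n", $row['id'], escape_html($row['name']));
}
```

Escaping for HTML belongs at the point where text is written into a page; values headed for a query are a different context and go through the database layer's own mechanism.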

