Abstract: Cross-site scripting (XSS) remains one of the most persistent threats to web application security, allowing attackers to inject malicious scripts that compromise user data and system ...