Cross-Site Scripting vulnerability and Spectrum