Self-XSS (self cross-site scripting) is a attack used to gain control of victims' web accounts. In a Self-XSS attack, the victim of the attack runs in their own web browser, thus exposing personal information to the attacker, a kind of vulnerability.[1]