Clickjacking and Cross Site Scripting Attacks

You may have heard about clickjacking and cross site scripting attacks (XSS). Here is some information on clickjacking, and here is Wikipedia's entry on XSS attacks. Additionally, this talks about Adobe Flash being used to launch attacks. You can use NoScript and Firefox to at least partially mitigate the problem. Note for maximum protection you must enable NoScript's “Plugins|Forbid <iframe>” option.