# Prompt injection is becoming the XSS of the web agent era

> Source: <https://www.helpnetsecurity.com/2026/07/17/xss-web-agent-prompt-injection/>
> Published: 2026-07-17 06:00:31+00:00

Autonomous web agents read whatever a page displays, and much of that content comes from strangers. Product reviews, seller listings, and advertisements sit beside trusted site menus on a single page. An agent that reads all of that text as instructions can be steered by any of it. A group at UC Berkeley describe Cross-Site Prompting, or XSP, as the agent-era version of Cross-Site Scripting. Their system, Prismata, sits between a web agent and the … [More ](https://www.helpnetsecurity.com/2026/07/17/xss-web-agent-prompt-injection/)

The post [Prompt injection is becoming the XSS of the web agent era](https://www.helpnetsecurity.com/2026/07/17/xss-web-agent-prompt-injection/) appeared first on [Help Net Security](https://www.helpnetsecurity.com).
