Prompt injection is becoming the XSS of the web agent era Researchers at UC Berkeley have identified a new vulnerability called Cross-Site Prompting (XSP), which allows malicious content on web pages to hijack autonomous web agents by injecting prompts. Their system, Prismata, acts as a safeguard between agents and web content, mirroring the threat model of Cross-Site Scripting (XSS) in the era of web agents. Autonomous web agents read whatever a page displays, and much of that content comes from strangers. Product reviews, seller listings, and advertisements sit beside trusted site menus on a single page. An agent that reads all of that text as instructions can be steered by any of it. A group at UC Berkeley describe Cross-Site Prompting, or XSP, as the agent-era version of Cross-Site Scripting. Their system, Prismata, sits between a web agent and the … More https://www.helpnetsecurity.com/2026/07/17/xss-web-agent-prompt-injection/ The post Prompt injection is becoming the XSS of the web agent era https://www.helpnetsecurity.com/2026/07/17/xss-web-agent-prompt-injection/ appeared first on Help Net Security https://www.helpnetsecurity.com .