|Project Description: ||Web applications are playing a vital role in our daily activities. Providing security to Web applications is the main objective of this paper. Exploiting these applications is becoming a new trend. Because of several vulnerabilities in Web applications, attackers can easily take control over the system, and can easily gain access to the sensitive information of the users. One such vulnerability is cross–site scripting. With the presence of this scripting in Web applications, malicious users can perform various operations using scripts and can install malware on the victim’s system. According to the recent study, SQL injection and XSS vulnerabilities are the most dangerous security vulnerabilities exploited in various popular Web applications, i.e. eBay, Google, Facebook, and Twitter. To solve the above problem, the proposed approach will try to develop a secure Web application and find the vulnerabilities of cross-site scripting. Then, taint analysis will be used to track the flow of tainted data in the source code of previously built JSP files. By using the taint analysis approach, the study seeks to code out the loop holes in the design source code of JSP files and generate a report stating various sink points in the code.