Identifying Cross Site Scripting Vulnerabilities in Web Applications