Secure computing requires an ongoing process, as you learn about risks and then implement processes and technology to protect yourself. Without a concerted effort to defend your data, you will almost certainly by victimized by some type of cyber-invasion.
Following links without knowing what they point to, using interacting forms on an untrustworthy site, or viewing online discussion groups or other pages where users may post text containing HTML tags can put your browser at risk.
Beware of going down the rabbit hole when browsing the Internet. Once you start clicking link after link, you may find yourself on an infected site. And look out for scams such as contests that require you to paste code into Facebook, your blog, or any other site.
To protect yourself from cross-site scripting attacks, update your browser to the most recent version, with the most current security settings.
That being said, after messing with default browser or program settings, the reduced functionality may impede your ability to do anything online. The trick is to have the most updated security software and to avoid social engineering scams that ask you to click links or copy code.