What is Cross-Site Scripting (XSS), and what are the best practices for preventing it in modern front-end frameworks?