XSS attacks allow malicious scripts to be inserted into websites that unsuspecting users view, posing a serious security concern for online applications. Finding and blocking XSS attacks is the most crucial step in online application security. This study introduces ML methods like K-Nearest Neighbours (KNN) and Random Forest to detect XSS attacks. Developers and security analysts may use our AI-generated detection insights to understand the model’s judgments. We preprocess incoming data by extracting valuable properties from HTTP requests and answers. Such characteristics include URL attributes, HTTP headers, and content properties. We train KNN and RF classifiers on labeled data using a dataset of known XSS and benign queries. These extracted features help trained algorithms distinguish real and fraudulent searches. We simplify models via decision tree visualization and feature significance analysis. We can better understand how the models anticipate and identify the most relevant XSS detection properties using these approaches. Developers who understand the models’ decision-making process and patterns may optimize system performance. We evaluate our technique by comparing KNN and RF classifier efficiency on real-world datasets. Both classifiers identify XSS attacks well, although RF has greater recall and accuracy than KNN. Developers may improve web application security and analyze XSS attacks using our approach’s understandable insights.