DOM-based XSS (Cross-Site Scripting) is a type of security vulnerability that occurs when a web application's client-side scripts manipulate the Document Object Model (DOM) using data that has not been properly validated. In this scenario, an attacker can inject malicious code into the web page, which is then executed in the user's browser. This can lead to unauthorized actions, such as stealing cookies or session tokens.
Unlike other XSS types, DOM-based XSS does not rely on the server to deliver the malicious payload. Instead, it exploits the way the browser processes the HTML and JavaScript on the client side. Developers can prevent this vulnerability by sanitizing user inputs and using secure coding practices.
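
The client-side flow described above, as an added example that is not code from the original page: a value taken from the URL fragment reaches an HTML-parsing sink, shown beside a version that validates the value and writes it through a text-only sink. The function names, the `name` parameter, the allowlist pattern and the sample inputs are assumptions made for illustration.

```javascript
// `el` is any object with innerHTML/textContent (a DOM element in a browser).
// `loc` is any object with a `hash` string (window.location in a browser).
// Passing them in keeps the example runnable outside a browser.

// Source: read the hypothetical "name" value from a fragment like "#name=Alice".
function nameFromHash(loc) {
  const params = new URLSearchParams(loc.hash.replace(/^#/, ""));
  return params.get("name") || "";
}

// Vulnerable pattern: URL-controlled data is handed to an HTML-parsing sink,
// so any markup in the fragment becomes part of the page. The server never
// sees the fragment, which is why server-side filtering does not help here.
function greetUnsafe(el, loc) {
  el.innerHTML = "Hello, " + nameFromHash(loc);
}

// Hardened pattern: validate against an allowlist (assumed policy: letters,
// digits, space, dot, apostrophe, hyphen, 1-40 chars), then use a text-only
// sink that never parses the value as HTML.
function greetSafe(el, loc) {
  const name = nameFromHash(loc);
  const ok = /^[\p{L}\p{N} .'-]{1,40}$/u.test(name);
  el.textContent = "Hello, " + (ok ? name : "guest");
}

// Output encoding for cases where a string must be embedded in HTML markup.
function escapeHtml(s) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return s.replace(/[&<>"']/g, (c) => map[c]);
}

// Constructed sample input: a fragment whose value contains markup.
const sampleLoc = { hash: "#name=" + encodeURIComponent("<i>markup</i>") };
const unsafeEl = { innerHTML: "", textContent: "" };
const safeEl = { innerHTML: "", textContent: "" };
greetUnsafe(unsafeEl, sampleLoc);
greetSafe(safeEl, sampleLoc);
console.log("unsafe sink received:", unsafeEl.innerHTML);
console.log("safe sink received:  ", safeEl.textContent);
console.log("escaped for markup:  ", escapeHtml(nameFromHash(sampleLoc)));
```

In a browser, call these with a real element and `window.location`; the stand-in objects only record what each sink would receive.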