Reflected XSS attack is used by a hacker, who sends a crafted url of the target website to the victim. Upon clicking the link victims cookies is send back to the attacker, which might be used for owning the session