Description

Stored XSS (Cross-Site Scripting) is a type of web security vulnerability caused by improper input validation and inadequate data sanitization in a web application. It occurs when an attacker injects malicious scripts (usually in the form of HTML or JavaScript) into a website's database or storage, which is then fetched and displayed to unsuspecting users. These scripts are executed in the browsers of those who visit the infected page, enabling the attacker to steal sensitive information, such as login credentials or personal data, and potentially take control of the user's account or perform malicious actions on their behalf. To prevent stored XSS, developers must implement proper input validation and output encoding to ensure that user-supplied data is treated as plain text and not executed as code on the web page.

Proof of Concept

1. Register New User
2. Enter the following XSS Payload for First Name, Last Name, and City input fields:

// PoC.js
<script>alert(1)</script>

3. Login with user
4. Once logged in you will see alert boxes for First Name and Last Name
5. Navigate to Profile Page, you will see alert boxes for First Name, Last Name, and City

ScreenShots

1. XSS Payloads in Fields
2. XSS Executed First Name
3. XSS Executed Last Name
4. XSS Executed City

Impact

An attacker can inject JavaScript on a victims browser that could lead to stealing cookies in addition to installing JavaScript malware, keyloggers and performing remote actions.