Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq
Oct 16th 2021
The persistent (or stored) XSS vulnerability is a more devastating variant of a cross-site scripting flaw, it occurs when the data provided by the attacker is saved by the server, and then permanently displayed on "normal" pages returned to other users in the course of regular browsing.
Proof of Concept
Check this video for POC: Video
Which browser do you use here? I cannot reproduce it with the current version of Brave.
I don't think it's a browser issue, i was able to reproduce the issue with this payload
<img src=x onerror=alert(0)> in the current version of Brave