Stored XSS
The second type of attack is stored XSS. Exploiting this one will be accomplished by saving the script (JavaScript) into a stored location through a page (for example, Blogs, CMS, Forums) into some sort of a storage file (for example, database, file, and logs). This flaw is dangerous because it is persisted and will execute when anyone visits the infected page later. Imagine that on Facebook (or any social media platform), you can submit a post that contains a JavaScript code that will execute by anyone who sees that post; amazing, right?
Please don't try it on Facebook - I'm just giving an example here, you don't want to get yourself in trouble! (By the way, Facebook and other big companies offers bug bounty programs and they ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access