| 제목 | code-projects.org Social Networking Site 1.0 Stored XSS (CROSS SITE SCRIPTING) |
|---|
| 설명 | Stored Cross-Site Scripting is a security vulnerability that arises when an attacker injects malicious
scripts into a web application, with the injected payload being stored on the server. Unlike typical
XSS attacks, where attackers directly witness the impact of their scripts, Stored XSS involves triggering
the stored payload directly, and impacting the other users.In this application the stored xss was found in http://localhost/socialsite/message.php in message option where we can message each user and it was displayed in Home page http://localhost/socialsite/home.php.When we tried xss payload it got stored and when ever a new user registers and logins stored xss will get triggered and gets executed in which attackers can use this way to steal the users cookies and session ids.The impact of stored xss can lead to the unauthorized access of sensitive data, distribution of malicious content, and compromise of user trust, potentially causing widespread damage to individuals and organizations. |
|---|
| 원천 | ⚠️ https://drive.google.com/file/d/1r-4P-gWuIxuVL2QdOXsqN6OTRtQEmo7P/view?usp=drive_link |
|---|
| 사용자 | harivignesh (UID 61478) |
|---|
| 제출 | 2024. 01. 15. PM 01:26 (2 연령 ago) |
|---|
| 모더레이션 | 2024. 01. 19. AM 10:45 (4 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 251546 [code-projects Social Networking Site 1.0 Message Page message.php Story 크로스 사이트 스크립팅] |
|---|
| 포인트들 | 20 |
|---|