| Title | code-projects.org Social Networking Site 1.0 Stored XSS (CROSS SITE SCRIPTING) |
|---|
| Description | Stored Cross-Site Scripting is a security vulnerability that arises when an attacker injects malicious
scripts into a web application, with the injected payload being stored on the server. Unlike typical
XSS attacks, where attackers directly witness the impact of their scripts, Stored XSS involves triggering
the stored payload directly, and impacting the other users.In this application the stored xss was found in http://localhost/socialsite/message.php in message option where we can message each user and it was displayed in Home page http://localhost/socialsite/home.php.When we tried xss payload it got stored and when ever a new user registers and logins stored xss will get triggered and gets executed in which attackers can use this way to steal the users cookies and session ids.The impact of stored xss can lead to the unauthorized access of sensitive data, distribution of malicious content, and compromise of user trust, potentially causing widespread damage to individuals and organizations. |
|---|
| Source | ⚠️ https://drive.google.com/file/d/1r-4P-gWuIxuVL2QdOXsqN6OTRtQEmo7P/view?usp=drive_link |
|---|
| User | harivignesh (UID 61478) |
|---|
| Submission | 01/15/2024 13:26 (2 years ago) |
|---|
| Moderation | 01/19/2024 10:45 (4 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 251546 [code-projects Social Networking Site 1.0 Message Page message.php Story cross site scripting] |
|---|
| Points | 20 |
|---|