all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Stored DOM XSS

Add to bookmarks
April 7, 2023, 12:04 p.m. | ASWIN K V

System Weakness - Medium systemweakness.com

Discovering and addressing a critical security flaw

screenshot by author

I found a Stored DOM XSS vulnerability when testing the web application. The online application has an area where users may enter data to be stored in the database and presented on subsequent pages, where the vulnerability is located.

An attacker may use this flaw to run arbitrary code in the victim’s browser and potentially steal sensitive information or completely compromise the victim’s machine.

When a user enters a carefully …

application area browser bug bounty code compromise critical cybersecurity data database dom flaw information infosec input machine may program programming run security sensitive information steal testing the web victim vulnerability web web application xss xss-attack

Visit resource

More from systemweakness.com / System Weakness - Medium

Protect Yourself from Online Scams: Essential Phishing Email Analysis Techniques. 1 day, 2 hours ago | systemweakness.com
cybersecurity ethical hacking information technology malware +1
Cross-Site Scripting: Understanding, Preventing, and Mitigating Risks 1 day, 17 hours ago | systemweakness.com
continue cross-site cybersecurity data +18
University Linux Course (CTIS166) VS HackTheBox Academy Linux Fundamentals Module 1 day, 17 hours ago | systemweakness.com
bilkent-üniversitesi gnu-linux information technology linux +1
TryHackMe — LDAP Injection — Writeup 1 day, 17 hours ago | systemweakness.com
cybersecurity cybersecurity awareness tryhackme tryhackme-walkthrough +1
Analyzing WSH RAT 1 day, 17 hours ago | systemweakness.com
cyberchef cybersecurity javascript malware analysis +1
The Essential Cybersecurity Mindset 1 day, 17 hours ago | systemweakness.com
age career advice cybersecurity cyber security awareness +20
Secure Architecture: Infrastructure Controls 1 day, 17 hours ago | systemweakness.com
architecture article ask controls +12
Data Breaching in Secure Companies 1 day, 17 hours ago | systemweakness.com
breach business companies continue +12
How Prompt Injection Can Steal Your Data 3 days, 21 hours ago | systemweakness.com
ai chatbots chatgpt cybersecurity +1

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Security Compliance Strategist

@ Grab | Petaling Jaya, Malaysia
View on infosec-jobs.com

Cloud Security Architect, Lead

@ Booz Allen Hamilton | USA, VA, McLean (1500 Tysons McLean Dr)
View on infosec-jobs.com