all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Stored DOM XSS

Add to bookmarks
April 7, 2023, 12:04 p.m. | ASWIN K V

System Weakness - Medium systemweakness.com

Discovering and addressing a critical security flaw

screenshot by author

I found a Stored DOM XSS vulnerability when testing the web application. The online application has an area where users may enter data to be stored in the database and presented on subsequent pages, where the vulnerability is located.

An attacker may use this flaw to run arbitrary code in the victim’s browser and potentially steal sensitive information or completely compromise the victim’s machine.

When a user enters a carefully …

application area browser bug bounty code compromise critical cybersecurity data database dom flaw information infosec input machine may program programming run security sensitive information steal testing the web victim vulnerability web web application xss xss-attack

Visit resource

More from systemweakness.com / System Weakness - Medium

The New Face of Digital Competition: Inside the SEO Heist Phenomenon 14 hours ago | systemweakness.com
clicks competition cracking cybersecurity +14
Malware Analysis of a Emotet Word Document 14 hours ago | systemweakness.com
7-zip abuse analysis blog +18
Beyond Phishing: Understanding and Mitigating Vishing Threats 14 hours ago | systemweakness.com
beyond bus car cyber awareness +14
Unlocking Business Potential: The Power of Custom LLMs 14 hours ago | systemweakness.com
business chatbots chatgpt competitive +18
Social Engineering: The Human Element of Cybersecurity 14 hours ago | systemweakness.com
continue cybercriminals cybersecurity cybersecurity awareness +23
The future of cross-platform development: C# and .NET Core 14 hours ago | systemweakness.com
applications can challenge cross-platform-developmen +17
TryHack3M: Bricks Heist Write-Up 14 hours ago | systemweakness.com
blue team cybersecurity forensics tryhackme +1
Safeguarding Your Data: Understanding Database Firewalls 14 hours ago | systemweakness.com
cloud computing cybersecurity information technology infosec +1
Fake Wi-Fi Networks: Tools and Techniques for Network Security 14 hours ago | systemweakness.com
access access points basics business +26

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Junior Cybersecurity Triage Analyst

@ Peraton | Linthicum, MD, United States
View on infosec-jobs.com

Associate Director, Operations Compliance and Investigations Management

@ Legend Biotech | Raritan, New Jersey, United States
View on infosec-jobs.com

Analyst, Cyber Operations Engineer

@ BlackRock | SN6-Singapore - 20 Anson Road
View on infosec-jobs.com

Working Student/Intern/Thesis: Hardware based Cybersecurity Training (m/f/d)

@ AVL | Regensburg, DE
View on infosec-jobs.com
View more jobs