all InfoSec news
Stored DOM XSS
System Weakness - Medium systemweakness.com
Discovering and addressing a critical security flaw
I found a Stored DOM XSS vulnerability when testing the web application. The online application has an area where users may enter data to be stored in the database and presented on subsequent pages, where the vulnerability is located.
An attacker may use this flaw to run arbitrary code in the victim’s browser and potentially steal sensitive information or completely compromise the victim’s machine.
When a user enters a carefully …
application area browser bug bounty code compromise critical cybersecurity data database dom flaw information infosec input machine may program programming run security sensitive information steal testing the web victim vulnerability web web application xss xss-attack