Client Side Vulnerabilities / Stored Cross Site Scripting
Description
Stored Cross Site Scripting (XSS) is a type of client-side vulnerability and is listed - as part of XSS in general - as one of the top 25 most dangerous software errors in the Common Weakness Enumeration (CWE) directory. It is classified as CWE-79: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')". Stored XSS occurs when an application persists user input and later renders it into a page without proper validation or output encoding, so that a script supplied by one user is delivered to, and executed in the browsers of, every user who views that page. Stored XSS attacks are typically found in web-based applications and can be used to steal sensitive data, redirect users to malicious sites, or execute malicious code in the context of the application. The OWASP Web Security Testing Guide outlines how to test for stored XSS vulnerabilities.
Risk
Stored XSS can have serious implications for the security of an application. Attackers may be able to access sensitive data, execute malicious code in victims' browsers within the application's origin, and redirect users to malicious sites. Additionally, since the payload is persisted in the application's database and served to every user who views the affected page, it can remain undetected for a long time, which may lead to further damage.
Solution
The best way to prevent stored XSS is to properly validate and encode user input. This means encoding output according to the context in which the content is rendered (for example, an HTML element body versus an attribute value), or allow/block listing of relevant characters, to ensure that malicious scripts are not injected into the application. A carefully crafted Content-Security-Policy can also be part of a defense-in-depth approach. Additionally, applications should be regularly scanned for any stored XSS vulnerabilities. OWASP provides a cheat sheet for prevention of Cross Site Scripting.
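The following is an added example, not code from the original page: a comment thread loaded from storage is rendered into HTML first by string concatenation (vulnerable) and then with context-specific output encoding (hardened), with an assumed CSP value shown as the defense-in-depth layer. The sample rows, the encoder functions and the policy string are all constructed for this illustration.

```javascript
// Added example, not from the original page: a comment thread is loaded from
// storage and rendered into HTML. The unsafe renderer concatenates the stored
// strings as-is; the safe renderer encodes each value for the context it lands
// in (element body vs. attribute value), as the OWASP cheat sheet recommends.

// Constructed sample rows, standing in for what a database query might return.
const storedComments = [
  { author: "alice", body: "Nice write-up, thanks!" },
  // Persisted payloads: rendered raw, both execute in every reader's browser.
  { author: 'bob" onmouseover="alert(1)', body: "<script>alert(1)</script>" },
];

// Encoder for the HTML element-body context (text between tags).
const HTML_ENTITIES = { "&": "&amp;", "<": "&lt;", ">": "&gt;",
                        '"': "&quot;", "'": "&#x27;", "/": "&#x2F;" };
function escapeHtml(value) {
  return String(value).replace(/[&<>"'\/]/g, (ch) => HTML_ENTITIES[ch]);
}

// Stricter encoder for quoted attribute values: every non-alphanumeric
// character becomes a numeric entity, so a stored quote cannot close the
// attribute and start a new one (e.g. an onmouseover handler).
function escapeHtmlAttr(value) {
  return String(value).replace(/[^A-Za-z0-9]/gu,
    (ch) => `&#x${ch.codePointAt(0).toString(16).toUpperCase()};`);
}

// Vulnerable: stored data is interpolated straight into markup.
function renderCommentUnsafe(c) {
  return `<li data-author="${c.author}">${c.body}</li>`;
}

// Hardened: each value is encoded for the exact context it is placed in.
function renderCommentSafe(c) {
  return `<li data-author="${escapeHtmlAttr(c.author)}">${escapeHtml(c.body)}</li>`;
}

function renderThread(comments, renderComment) {
  return `<ul>${comments.map(renderComment).join("")}</ul>`;
}

// Defense in depth (assumed policy, tune per application): a CSP without
// 'unsafe-inline' means a missed encoding does not execute inline script.
const CSP_HEADER_VALUE =
  "default-src 'self'; script-src 'self'; object-src 'none'; base-uri 'none'";

console.log(renderThread(storedComments, renderCommentUnsafe));
console.log(renderThread(storedComments, renderCommentSafe));
```

Running it prints the raw thread, in which the second comment closes the attribute and injects a script element, followed by the encoded thread, in which both payloads are rendered as inert text.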