Client Side Vulnerabilities / Stored Cross Site Scripting
Description
Stored Cross-Site Scripting (XSS) is a type of client-side vulnerability and is listed among the top 25 most dangerous software errors in the Common Weakness Enumeration (CWE) directory. It is classified as CWE-79 and is categorised as an injection vulnerability. Stored XSS occurs when an application stores user input without proper validation or encoding and later includes that input in pages served to other users, so that a malicious script is injected into the application. Stored XSS is typically found in web and API-based applications and can be used to steal sensitive data, redirect users to malicious sites, or execute malicious script in the context of the application. As outlined in the OWASP Testing Guide, stored XSS can be prevented by properly validating and encoding user input.
Risk
Stored XSS can have serious implications for the security of an application. Attackers may be able to access sensitive data, execute malicious script in the context of the application, and redirect users to malicious sites. Additionally, because the payload is persisted in the application's database, it is delivered to every user who views the affected content and can remain undetected for a long time, which may lead to further damage.
Solution
The best way to prevent stored XSS is to properly validate and encode user input. This includes using allow-listing (whitelisting, the preferred approach) or block-listing (blacklisting) to accept only expected characters, and applying context-appropriate output encoding so that stored data is rendered as text rather than interpreted as script. Additionally, applications should be regularly scanned for stored XSS vulnerabilities.
Example
In this example, a stored XSS vulnerability was found in a web application. The vulnerability was caused by the application not properly validating or encoding user input. An attacker was able to inject a malicious script into the application by submitting the following value in a text field, which the application stored and later rendered to other users without encoding.
<script>alert("XSS Vulnerability")</script>
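As an added example that is not part of the original page, the following JavaScript places the unencoded rendering described in the Example next to the output-encoding defence recommended in the Solution section. The in-memory comment store, the function names and the sample data are constructed for illustration and do not refer to any real application or library.

```javascript
// Added example: a minimal comment store rendered two ways, to show why
// context-appropriate output encoding is the defence that holds for stored XSS.
// All names and data here are constructed for illustration.

// HTML metacharacters mapped to entity references for the HTML body context.
const HTML_ESCAPES = {
  '&': '&amp;',
  '<': '&lt;',
  '>': '&gt;',
  '"': '&quot;',
  "'": '&#x27;',
};

// Encode a string for insertion as the text content of an HTML element.
function encodeHtml(input) {
  return String(input).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// In-memory "database" of stored comments (constructed for the example).
const comments = [];

// Input validation that is reasonable at storage time: type and length.
// Rejecting individual characters such as '<' is brittle; the encoding
// applied at output time is what protects every reader regardless of input.
function storeComment(text) {
  if (typeof text !== 'string' || text.length === 0 || text.length > 500) {
    throw new Error('invalid comment');
  }
  comments.push(text);
}

// VULNERABLE: stored text is concatenated straight into the page markup, so a
// stored <script> element is delivered to every visitor's browser.
function renderVulnerable() {
  return comments.map((c) => '<li>' + c + '</li>').join('');
}

// HARDENED: the same stored data passed through output encoding; the browser
// displays the payload as text instead of executing it.
function renderEncoded() {
  return comments.map((c) => '<li>' + encodeHtml(c) + '</li>').join('');
}

// Store the payload from the page's example, as an attacker would submit it.
storeComment('<script>alert("XSS Vulnerability")</script>');
```

Calling renderVulnerable() returns the stored script element verbatim, while renderEncoded() returns it with every metacharacter replaced by an entity reference, so no element or attribute boundary is created.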