Tag Archives: Stored XSS

Cross-site Scripting (XSS): Life After the Alert Box

This is an advanced Cross-site Scripting (XSS) post, if you’re new to XSS maybe try this one first: What is Cross-site Scripting?

 

During Penetration Tests I often see testers utilising Cross-site Scripting attacks, popping an alert(1) and stopping there; additionally looking through the payloads used by other testers I often find one area missing. So if you’re a tester, think of the payloads that you deploy and think how you are testing for the type of vulnerability described below:

Continue reading: Cross-site Scripting (XSS): Life After the Alert Box