CAPEC-592: Stored XSS

Description
An adversary utilizes a form of Cross-site Scripting (XSS) where a malicious script is persistently "stored" within the data storage of a vulnerable web application as valid input.
Extended Description

Initially presented by an adversary to the vulnerable web application, the malicious script is incorrectly considered valid input and is not properly encoded by the web application. A victim is then convinced to use the web application in a way that creates a response that includes the malicious script. This response is subsequently sent to the victim and the malicious script is executed by the victim's browser. To launch a successful Stored XSS attack, an adversary looks for places where stored input data is used in the generation of a response. This often involves elements that are not expected to host scripts such as image tags (<img>), or the addition of event attributes such as onload and onmouseover. These elements are often not subject to the same input validation, output encoding, and other content filtering and checking routines.

Severity :

Very High

Possibility :

High

Type :

Detailed
Prerequisites

This table shows the other attack patterns and high level categories that are related to this attack pattern.

  • An application that leverages a client-side web browser with scripting enabled.
  • An application that fails to adequately sanitize or encode untrusted input.
  • An application that stores information provided by the user in data storage of some kind.
Skills required

This table shows the other attack patterns and high level categories that are related to this attack pattern.

  • Medium Requires the ability to write scripts of varying complexity and to inject them through user controlled fields within the application.
Taxonomy mappings

Mappings to ATT&CK, OWASP and other frameworks.

Resources required

None: No specialized resources are required to execute this type of attack.

Related CWE

A Related Weakness relationship associates a weakness with this attack pattern. Each association implies a weakness that must exist for a given attack to be successful.

Visit http://capec.mitre.org/ for more details.

© cvefeed.io
Latest DB Update: Dec. 24, 2024 3:47