Stored Cross-Site Scripting, often abbreviated as Stored XSS, is a type of security vulnerability found in web applications. It occurs when an attacker injects malicious scripts into a website's database, which are then served to users without proper validation. This means that when users visit the affected page, the harmful script runs in their browsers, potentially stealing sensitive information like cookies or login credentials.
The impact of Stored XSS can be severe, as it affects all users who access the compromised page. Unlike other types of XSS, where the attack is executed immediately, Stored XSS persists in the website's content, making it a more dangerous threat. Developers must implement strong input validation and output encoding to protect against this vulnerability.
