Stored XSS
Stored XSS, or Stored Cross-Site Scripting, is a type of web security vulnerability where an attacker injects malicious scripts into a website's database. When users visit the affected page, the harmful script is retrieved and executed in their browsers, potentially compromising their data and session.
This vulnerability often occurs in applications that allow users to submit content, such as forums, comment sections, or user profiles. If the input is not properly sanitized, attackers can exploit this flaw to deliver harmful payloads, leading to unauthorized access or data theft from unsuspecting users.
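The store-then-render flow described above, as an added example that is not code from the original page: a comment is saved as submitted, then rendered once by plain concatenation (vulnerable) and once with output encoding (hardened), followed by a simple audit of stored records. The in-memory store, the function names, and the sample comments are all constructed for illustration.

```javascript
// Constructed in-memory stand-in for the site's database (assumption).
const commentStore = [];

// Persist a comment exactly as the user submitted it.
function saveComment(author, body) {
  commentStore.push({ author, body });
}

// Encode the characters that are significant in HTML text and attribute values.
function escapeHtml(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Vulnerable: stored text is concatenated into the page unchanged, so any
// markup a user saved becomes live markup for every later visitor.
function renderCommentsUnsafe(comments) {
  return comments.map((c) => `<li><b>${c.author}</b>: ${c.body}</li>`).join('\n');
}

// Hardened: every stored field is encoded at output time, so the browser
// displays it as text instead of parsing it as HTML.
function renderCommentsSafe(comments) {
  return comments
    .map((c) => `<li><b>${escapeHtml(c.author)}</b>: ${escapeHtml(c.body)}</li>`)
    .join('\n');
}

// Audit helper: flag stored records that already contain script-like markup.
// The pattern is a rough heuristic for triage, not a substitute for encoding.
function findSuspiciousComments(comments) {
  const pattern = /<\s*script\b|\bon\w+\s*=|javascript:/i;
  return comments.filter((c) => pattern.test(c.author) || pattern.test(c.body));
}

// Constructed sample data: one ordinary comment and one that contains a script tag.
saveComment('alice', 'Nice post, 2 < 3 & all that.');
saveComment('mallory', '<script>alert(1)</script>');

console.log('--- unsafe render ---\n' + renderCommentsUnsafe(commentStore));
console.log('--- safe render ---\n' + renderCommentsSafe(commentStore));
console.log('--- flagged records ---', findSuspiciousComments(commentStore));
```

The hardened renderer leaves the stored data untouched and fixes the output step, so records saved before the fix are also displayed safely.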