Stored XSS, or Stored Cross-Site Scripting, is a type of web security vulnerability where an attacker injects malicious scripts into a website's database. When users visit the affected page, the harmful script is retrieved and executed in their browsers, potentially compromising their data and security. This attack often occurs in areas where users can submit content, such as comment sections or forums. Unlike reflected XSS, where the attack is executed immediately, stored XSS persists on the server, making it more dangerous as it can affect multiple users over time.