Detailedlikelihood: Highseverity: Very HighStable
CAPEC-592Stored XSS
Abstraction
Detailed
Status
Stable
Likelihood
High
Severity
Very High
Description
An adversary utilizes a form of Cross-site Scripting (XSS) where a malicious script is persistently "stored" within the data storage of a vulnerable web application as valid input.
Metadata: detailed CAPEC pattern, status stable, likelihood high, severity very high. Underlying weakness: CWE-79. Related CAPEC pattern: [object Object].
Related weaknesses· 1
Related attack patterns· 1
Exploits1
| Type | Target | Confidence | Tier |
|---|---|---|---|
| Weakness | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')cwe-79 | 100% | live |
Related by meaning· 6
Nearest entities by semantic similarity across the cs-graph corpus.