XSS - Stored XSS Attacks

Goal: 

Using the XSS vulnerabilities perform Stored XSS Attack

Method: 

In the Message, inserting scripts to run script to perform XSS attack when message accessed by victim. 

Step by step Guide

1. Create XSS message

Title: Free $50 Gift Card 

<script>alert('You are hacked')</script>

Or you can use

<script language="javascript" type="text/j-avascript">alert("Ha Ha Ha");</script>

Now if anyone browse message, script will start.. Here pop up will start.

 

Please publish modules in offcanvas position.