Configuration: Stored XSS Injection¶

Identifier: stored_xss

Scanner(s) Support¶

GraphQL Scanner	REST Scanner	WebApp Scanner	ASM Scanner

Description¶

Stored XSS vulnerabilities occur when user input is not properly validated and saved into a database, allowing malicious scripts to be stored and executed by other users when they access the affected content.

How we test: We inject XSS payloads into request parameters that are stored in the database and later retrieved. We analyze stored content and responses to detect if malicious scripts are persisted and executed when other users access the stored data.

Execution conditions (BLST):

Stored XSS detection runs when this test is enabled and the baseline exchange is OK with non-null response text.
Active XSS payload injection (same config) runs on CREATE/UPDATE operations when coverage is OK, EMPTY_RESPONSE, or VALIDATION_ERROR.
VALIDATION_ERROR fuzz responses are ignored when the payload is not reflected.

References:

https://portswigger.net/web-security/cross-site-scripting

Configuration¶

Example¶

Example configuration:

---
security_tests:
  stored_xss:
    skip: false

Reference¶

`skip`¶

Type : boolean

Skip the test if true.