Author:
zores <hi>
Date:
5/28/2017 7:15:19 AM
Subject:
RE: Stored Cross Site Scripting
Here I made a better proof of concept.
The easy fix is to add the HttpOnly flag to your PHPSESSID cookie. This way the browser will return a null.
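One way to check that the fix from the post above is in place, as an added example that is not part of the original post: a small audit of `Set-Cookie` response headers that reports any PHPSESSID cookie issued without HttpOnly. The function names and the sample headers are constructed for illustration.

```python
# Added example: verify that PHPSESSID is issued with the HttpOnly attribute.
# In PHP the flag is enabled with `session.cookie_httponly = 1` in php.ini.
# HttpOnly only hides the cookie from document.cookie; the stored XSS itself
# still has to be fixed by encoding output.

def parse_set_cookie(value):
    """Split one Set-Cookie value into (name, cookie_value, attrs)."""
    parts = [p.strip() for p in value.split(";")]
    name, _, cookie_value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        if not part:
            continue
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()  # attribute names are case-insensitive
    return name.strip(), cookie_value, attrs

def audit_session_cookie(headers, cookie_name="PHPSESSID"):
    """Return the Set-Cookie values for cookie_name that lack HttpOnly.

    headers is a list of (header_name, header_value) pairs from one response.
    """
    findings = []
    for header_name, header_value in headers:
        if header_name.lower() != "set-cookie":
            continue
        name, _, attrs = parse_set_cookie(header_value)
        if name == cookie_name and "httponly" not in attrs:
            findings.append(header_value)
    return findings

# Constructed sample responses (not captured from a real site).
BEFORE_FIX = [
    ("Content-Type", "text/html; charset=UTF-8"),
    ("Set-Cookie", "PHPSESSID=k3v9constructed0000; path=/"),
    ("Set-Cookie", "theme=dark; path=/"),
]
AFTER_FIX = [
    ("Content-Type", "text/html; charset=UTF-8"),
    ("set-cookie", "PHPSESSID=k3v9constructed0000; path=/; httponly"),
    ("Set-Cookie", "theme=dark; path=/"),
]

if __name__ == "__main__":
    for label, headers in (("before", BEFORE_FIX), ("after", AFTER_FIX)):
        bad = audit_session_cookie(headers)
        print(label, "-> missing HttpOnly:" if bad else "-> OK", bad)
```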