Author: zores <hi>
Date: 5/28/2017 7:15:19 AM
Subject: RE: Stored Cross Site Scripting

Here I made a better proof of concept.

The easy fix is to add the HttpOnly flag to your PHPSESSID cookie. This way the browser will return a null.

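One way to check that the fix described in the post above is in place, as an added example that is not part of the original post: it parses `Set-Cookie` header values and reports any that set `PHPSESSID` without the HttpOnly attribute. The header values and function names are constructed for illustration.

```python
# Added example: audit Set-Cookie headers for a session cookie missing HttpOnly.
# SAMPLE_HEADERS are constructed values, not captured from any real site.

SAMPLE_HEADERS = [
    "PHPSESSID=3f2a9c; path=/",                                  # no HttpOnly
    "PHPSESSID=3f2a9c; path=/; HttpOnly",                        # fixed
    "theme=dark; Path=/; Max-Age=3600",                          # not the session cookie
    "PHPSESSID=3f2a9c; Path=/; Secure; httponly; SameSite=Lax",  # attribute names are case-insensitive
    "PHPSESSID=httponly; path=/",                                # "httponly" is only the cookie value
]


def parse_set_cookie(value):
    """Split one Set-Cookie header value into (name, cookie_value, attributes)."""
    parts = [p.strip() for p in value.split(";")]
    name, _, cookie_value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        if not part:
            continue  # tolerate a trailing or doubled ';'
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()
    return name.strip(), cookie_value.strip(), attrs


def missing_httponly(headers, cookie_name="PHPSESSID"):
    """Return the indexes of headers that set cookie_name without HttpOnly."""
    findings = []
    for index, header in enumerate(headers):
        name, _, attrs = parse_set_cookie(header)
        # Cookie names are case-sensitive; only attribute names are folded.
        if name == cookie_name and "httponly" not in attrs:
            findings.append(index)
    return findings


if __name__ == "__main__":
    for index in missing_httponly(SAMPLE_HEADERS):
        print("missing HttpOnly:", SAMPLE_HEADERS[index])
```

In PHP the flag on the session cookie is controlled by the `session.cookie_httponly` ini setting.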