{"detect":{"cwe":"CWE-79","exploit_examples":["POST /stored/ with body=<img src=x onerror=alert(1)>"],"owasp":"A03:2021 \u2014 Injection (XSS)","scanner_should_fire":true,"sinks":["jinja Markup(user_input)"],"subtype":"stored-persistent","success_markers":["alert(1)"],"tags":["stored","persistent","second-order"]},"lab_url":"/stored/","sink":"Markup() / |safe","slug":"stored","source_url":"/source/stored","summary":"Comments are persisted and re-rendered as raw HTML for every visitor.","title":"Stored XSS (guestbook)","vulnerable":true}