web · Pro · medium

Lab 75 — StayNest — Stored XSS in Hotel Booking Form

hackadvisor

Task: a hotel booking platform where an admin reviews bookings; an HttpOnly cookie blocks external exfiltration. Solution: stored XSS in the special_requests field exploits unescaped EJS output in the admin panel and uses an internal unauthenticated API to exfiltrate the flag.

$ ls tags/ techniques/
stored_xss_injection  httponly_cookie_bypass  internal_api_exfiltration  admin_panel_exploitation
