Professional Documents
Culture Documents
Khalid Shaikh
What is HTML5 ?
• But due this there are several possible threats that can be
exposed by careless developers.
• If a target website has XXS Vulnerability, the attacker can
leverage this to execute JavaScript Code and gain access to
local variables.
Example of Local Storage Vulnerability
Local Storage Vulnerability
Security measures to be follow to avoid this type of
vulnerability:
• It is recommended not store any sensitive information in local storage.
• It better to use object session Storage instead of local Storage if
persistent storage is not needed.
• Always pay an extra attention to “localStorage.getItem” and “setItem”
calls in HTML5 web page.
• To minimize the risk we would recommend not including the scripts from
external Host.
THANK YOU