AnsweredAssumed Answered

QID : 150000 How does Qualys perform Persistent Cross Site scripting

Question asked by Florence Daniel on Oct 5, 2012
Latest reply on Oct 5, 2012 by Florence Daniel



We are in the process of getting our web sites PCI certified. One Issue reported by Qualys PCI scan is Persistent Cross Site Scripting attack.


We are not able to reproduce it using the url and payload reported in the scan. However for other vulnerabilites like reflected cross site scripting we are able to reproduce the attack using the data given in the report.


Can someone please help me understanding how to interpret the urls and payload given in the report for this particular vulnerability?