== Stored XSS
Stored cross-site scripting is different in that the payload is persisted (stored) as opposed to passed/injected via a link.

== Stored XSS Scenario
* Attacker posts malicious script to a message board 
* Message is stored in a server database
* Victim reads the message
* The malicious script embedded in the message board post executes in the victim’s browser
** The script steals sensitive information, like the session id, and releases it to the attacker

*Victim does not realize attack occurred*