AUDIT DEMO — F-017 + F-034 chain (stored XSS + stego survival)

Authorized security-audit demonstration. Safe, harmless, on purpose.

πŸ” AUDIT DEMO β€” F-017 + F-034 chain

This page is an authorized security-audit demonstration. Two live weaknesses:

  1. F-017 — this styled layout renders because the blog's content field echoes HTML + CSS + JS verbatim.
  2. F-034 — the background image is a PNG whose tEXt and iTXt chunks still carry a hidden payload after upload.

Hidden payload decoded client-side from the image:

Decoding…

Authorized by the site owner. See STEGANOGRAPHY_THREAT_ANALYSIS.md and F-017 / F-034 in the audit report.
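
For F-034, an upload-side check can list and drop PNG text chunks before an image is stored. The sketch below is an added example, not code from the audit report or the site: the function names are hypothetical, the sample PNG is constructed inline, and zTXt (the compressed text chunk type) is handled in addition to the tEXt and iTXt chunks named above.

```python
import struct
import zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"
TEXT_CHUNKS = {b"tEXt", b"iTXt", b"zTXt"}  # PNG textual-metadata chunk types

def iter_chunks(png: bytes):
    """Yield (type, data) per chunk; reject bad signature, CRC or truncation."""
    if png[:8] != PNG_SIG:
        raise ValueError("not a PNG")
    pos = 8
    while pos + 12 <= len(png):
        (length,) = struct.unpack(">I", png[pos:pos + 4])
        ctype = png[pos + 4:pos + 8]
        end = pos + 8 + length
        data = png[pos + 8:end]
        if len(png) < end + 4 or zlib.crc32(ctype + data) != struct.unpack(">I", png[end:end + 4])[0]:
            raise ValueError(f"truncated or corrupt chunk {ctype!r}")
        yield ctype, data
        if ctype == b"IEND":
            return  # anything after IEND is trailing data and is never re-emitted
        pos = end + 4
    raise ValueError("missing IEND")

def make_chunk(ctype: bytes, data: bytes) -> bytes:
    body = ctype + data
    return struct.pack(">I", len(data)) + body + struct.pack(">I", zlib.crc32(body))

def find_text_chunks(png: bytes):
    """Return [(chunk type, raw data)] for every text chunk, for logging/alerting."""
    return [(t.decode("ascii"), d) for t, d in iter_chunks(png) if t in TEXT_CHUNKS]

def strip_text_chunks(png: bytes) -> bytes:
    """Rebuild the PNG without text chunks or post-IEND trailing bytes."""
    kept = (make_chunk(t, d) for t, d in iter_chunks(png) if t not in TEXT_CHUNKS)
    return PNG_SIG + b"".join(kept)

def sample_png() -> bytes:
    """Constructed 1x1 grayscale PNG carrying one tEXt and one iTXt chunk."""
    ihdr = struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0)
    # iTXt layout: keyword NUL, compression flag, method, language NUL, translated keyword NUL, text
    itxt = b"Comment\x00\x00\x00\x00\x00constructed-marker-2"
    return PNG_SIG + b"".join([
        make_chunk(b"IHDR", ihdr),
        make_chunk(b"tEXt", b"Comment\x00constructed-marker-1"),
        make_chunk(b"iTXt", itxt),
        make_chunk(b"IDAT", zlib.compress(b"\x00\x00")),  # filter byte + one pixel
        make_chunk(b"IEND", b""),
    ])
```

This covers only chunk-level metadata; it does not address data hidden in pixel values.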
