AUDIT DEMO — F-017 + F-034 chain (stored XSS + stego survival)

Authorized security-audit demonstration. Safe, harmless, on purpose.

This page is an authorized security-audit demonstration. Two live weaknesses:

  1. F-017 — this styled layout renders because the blog's content field echoes HTML + CSS + JS verbatim.
  2. F-034 — the background image is a PNG whose tEXt and iTXt chunks still carry a hidden payload after upload.

The hidden payload is decoded client-side from the image.

Authorized by the site owner. See STEGANOGRAPHY_THREAT_ANALYSIS.md and F-017 / F-034 in the audit report.
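
For F-034, an upload pipeline can drop PNG text chunks before storing the file. The sketch below is an added example, not code from the blog or the audit report: the function names and the sample image are constructed for illustration, and it goes slightly beyond the two chunk types named above by also removing zTXt and any bytes after IEND.

```python
import struct
import zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"
TEXT_CHUNKS = {b"tEXt", b"iTXt", b"zTXt"}  # ancillary text chunks to drop


def chunk(ctype: bytes, data: bytes) -> bytes:
    """Serialise one PNG chunk: length, type, data, CRC-32 over type+data."""
    crc = zlib.crc32(ctype + data) & 0xFFFFFFFF
    return struct.pack(">I", len(data)) + ctype + data + struct.pack(">I", crc)


def strip_text_chunks(png: bytes):
    """Return (clean_png, removed); removed lists (type, size) of dropped chunks."""
    if not png.startswith(PNG_SIG):
        raise ValueError("not a PNG")
    out, removed, pos = [PNG_SIG], [], len(PNG_SIG)
    while pos < len(png):
        length = int.from_bytes(png[pos:pos + 4], "big")
        ctype = png[pos + 4:pos + 8]
        end = pos + 12 + length  # 4 length + 4 type + data + 4 CRC
        if end > len(png):
            raise ValueError("truncated chunk")
        data = png[pos + 8:end - 4]
        if int.from_bytes(png[end - 4:end], "big") != zlib.crc32(ctype + data) & 0xFFFFFFFF:
            raise ValueError("bad CRC in %r" % ctype)
        if ctype in TEXT_CHUNKS:
            removed.append((ctype.decode("ascii"), length))
        else:
            out.append(png[pos:end])
        pos = end
        if ctype == b"IEND":
            break  # anything after IEND is discarded as well
    else:
        raise ValueError("missing IEND")
    return b"".join(out), removed


def sample_png() -> bytes:
    """Constructed 1x1 greyscale PNG carrying harmless marker text chunks."""
    ihdr = struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0)
    idat = zlib.compress(b"\x00\x00")  # filter byte + one pixel
    itxt = b"Comment\x00\x00\x00\x00\x00constructed-marker-2"
    return (PNG_SIG + chunk(b"IHDR", ihdr)
            + chunk(b"tEXt", b"Comment\x00constructed-marker-1")
            + chunk(b"iTXt", itxt) + chunk(b"IDAT", idat)
            + chunk(b"IEND", b"") + b"trailing-bytes")
```

This removes payloads carried in chunk metadata only; data hidden in pixel values is not affected by chunk stripping.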