Websites that accidentally distribute rogue code could find it harder to undo the damage if attackers exploit browser support for HTML5 local storage and an increasing tendency for heavy users of Web apps never to close their browser. Attacks could become invincible and the site at the origin of the attack remain compromised indefinitely, says Google security engineer Michal Zalewski. Attacks can also lead to multiple account compromises if the affected computers are used by different individuals, Zalewis says. Attacks are not yet common because of simpler techniques that hackers use, including exploiting remote code execution vulnerabilities.”]
Source: https://www.csoonline.com/article/2129793/xss-web-attacks-could-live-forever–researcher-warns.html