Persistent Cross-site Scripting (also known as Persistent XSS or Stored XSS) is a type of Cross-Site Scripting (XSS) attack. XSS attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user.
Persistent XSS attacks are those where the injected script is permanently stored on the target servers, such as in a database, in a message forum, visitor log, comment field, etc. The malicious injected script is then permanently stored on the web-pages and returned to any user who accesses the web page containing the script.