Stored XSS - User Name (Profile)

Description

The user's name is stored without sanitization and rendered in the navigation bar using dangerouslySetInnerHTML. Executes on every page load.

Proof of Concept

name = <img src=x onerror=alert(document.cookie)>

Remediation

Use JSX text interpolation instead of dangerouslySetInnerHTML.