.png)
4 hours ago
7 BOOK THIS SPACE FOR AD
ARTICLE ADSo Let’s get start the journey :)
I m talking about hyperlink injection most of the hunters ignore this bug because of most of the time program didn't accept it but you have to take every small to big bug serious and make a perfect report and send the report to the program.
How did you get this and make your first bounty ?
Well, most of the companies forgot to mitigate the links in the automated mail generating by the program when we try signup, send invites, subscribe form and any other forms which contain first name or last name or any other parameters which reflect in the mail when try signup, send invite, subscribe or any such kind of action.
So here is your first or $100 bounty steps:
Go to signup formPlace the hyperlink in the first or last name https://evil.comRemember only inject the link in those parameters which reflect in the generated mailNote: Most of developer mitigate full links than try this link evil.com without
4. Check received mail which contain hyperlink in the first name
5. Click the link redirect on https://evil.com or evil.com
6. Immediately write a good report and send to the program and wait for your bounty
Note: Make impact more as possible to the condition for maximize the severity and bounty
Bengali (Bangladesh) · 
English (United States) ·