.png)
3 years ago
161 BOOK THIS SPACE FOR AD
ARTICLE AD
HTML Injection To Free Ticket Cyber Security Event
Hello everyone my name is Mohammad Alfin Hidayatullah, i am a junior bug hunter and i am from Indonesia.
I wanna share my story about how i get free ticket Cyber Security Event by geekle.us
What is HTML Injection?? HTML Injection is Vulnerability that use HTML tag to injecting some page, this bug look similar like XSS (cross site scripting) but HTML Injection cant use javascript to trigger XSS.
Step by step:
I just Saw some ads by Geekle.us from Facebook and i try to register in geekle.us
I try to register in geekle.us but the name column i fill with html tag.
And i got no Verification email to see my html tag got trigger or no, and i try to test with forget password feature
And i got email + my html tag got trigger in email.
And i think if i report this bug maybe geekle.us team this bug say out of scope or something like that, because this bug has low impact to user.
But after geekle.us team review is they say this bug valid and send me some ticket for Cyber Security event.
Im glad i reporting this bug because i get free ticket Cyber Security event and lesson about do not judge bug by level 😂
Thanks for reading my story. And see you next time.
Bengali (Bangladesh) · 
English (United States) ·