.png)
1 year ago
79 BOOK THIS SPACE FOR AD
ARTICLE ADWhoami: Althaf
What I do: Learn | Hunt | Repeat
This is my first write-up about how I find Stored HTML injection, So without making delay let’s get into the blog
What is HTML Injection Vulnerability? HTML injection vulnerability is a type of security vulnerability that occurs when user input is not properly sanitized and is included in an HTML document. This can allow an attacker to inject malicious code, such as a script, into the HTML document, which can be executed by the browser and potentially steal sensitive information or perform other malicious actions.
It is my finding that I found some more months back
For some security reasons, I can’t disclose the name of the site, let us assume it is dummy.com
In dummy.com after creating an account I looked for XSS, I tried all possible payloads everywhere and found that one of my img src payloads loaded in the bio section of my profile but I couldn’t get a popup
and I was like
Yes it is the place to check for
And I found that the Bio section is vulnerable to Stored HTML injection
So I tried some basic HTML tags in the bio section, saved and got executed perfectly
And I was like
And after some time I modified my XSS payload and also got the XSS
So I reported these both, Sadly it got duplicated :(
But Getting duplicates is also progress, So I thought of sharing it with you guys, I will keep on posting some interesting vulnerabilities of mine in the upcoming days
Comments and Suggestions are welcome :)
Check me here :
Bengali (Bangladesh) · 
English (United States) ·