An easy HTML Injection

Hello everyone. I hope everyone is doing great :)

In this blog, I will explain how I got HTML Injection on a website. Let’s take the name of the website as example.com.

On the website, there was a search box, so I put hello there, intercepted the request, sent it to Repeater and searched for hello in the response to check whether it was reflected or not. I found out that hello was reflected in multiple places. I checked all the reflections and found out that the term hello was within a value.

So I simply did the modification and changed hello to "><h1>hello</h1> to check if it is vulnerable to HTML Injection. I sent that request and checked the response in the browser and I was able to get the heading so it was vulnerable to HTML Injection.

So, I thought to chain it with open redirection to increase the impact so I modified <h1>hello</h1> to "><a href="https://bing.com">hello</a> and when I checked the response in the browser, I was able to get hello in the form of hyperlink in the response.

I further tried to execute XSS to increase its impact from P4 to P3, but it didn’t work so I reported this bug but unfortunately, it was marked as a duplicate. You can also try to check if the application is vulnerable to HTML Injection and then try to increase its impact.
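
The reflection described above and the output encoding that contains it, as an added example that is not from the original post or the affected site. It assumes the search term lands in the value attribute of an input; the function names and the markup are hypothetical, and the two payloads are the ones quoted in the post.

```javascript
// Added example; function names and the input markup are assumptions.

// Vulnerable: the search term is concatenated into the attribute unescaped.
function renderSearchVulnerable(query) {
  return `<input type="text" name="q" value="${query}">`;
}

// Hardened: encode the characters that can end a quoted attribute or open a tag.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
function escapeHtmlAttr(s) {
  return String(s).replace(/[&<>"']/g, (c) => HTML_ESCAPES[c]);
}
function renderSearchHardened(query) {
  return `<input type="text" name="q" value="${escapeHtmlAttr(query)}">`;
}

// Count tags roughly as an HTML parser sees them: quotes only matter inside a tag.
function countTags(html) {
  let tags = 0, inTag = false, quote = null;
  for (let i = 0; i < html.length; i++) {
    const c = html[i];
    if (!inTag) {
      if (c === '<' && /[A-Za-z\/]/.test(html[i + 1] || '')) { inTag = true; tags++; }
    } else if (quote) {
      if (c === quote) quote = null;      // closing quote of an attribute value
    } else if (c === '"' || c === "'") {
      quote = c;                          // opening quote of an attribute value
    } else if (c === '>') {
      inTag = false;                      // end of the tag
    }
  }
  return tags;
}

// The template emits exactly one tag, so any other count means the input
// left the attribute and injected markup of its own.
function breaksOut(html) {
  return countTags(html) !== 1;
}

// Constructed inputs: a benign term plus the two payloads quoted in the post.
const samples = ['hello', '"><h1>hello</h1>', '"><a href="https://bing.com">hello</a>'];
for (const s of samples) {
  console.log(JSON.stringify(s),
    'vulnerable:', breaksOut(renderSearchVulnerable(s)),
    'hardened:', breaksOut(renderSearchHardened(s)));
}
```

Used as a regression test, the hardened renderer must report exactly one tag for every input, including both payloads.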

So that’s how I found it. Make sure to check everything and try to chain the bugs in order to increase the impact.

I hope you enjoyed reading the blog. Thank you :)

Anishka Shukla


Security Researcher | Bug Bounty Hunter | Trainer | Pentester