HTML Injection > licensing.fcc.gov‏‏‏‏‏‏‏‏‏‏

Disclosed by
Naplon's avatar
Naplon
Summary by Naplon

Target category : Website Testing
vrt : Server-Side Injection > Content Spoofing

Summary :
HTML injection is a type of injection vulnerability that occurs when a user is able to control an input point and is able to inject arbitrary HTML code into a vulnerable web page. This vulnerability can have many consequences, like disclosure of a user’s session cookies that could be used to impersonate the victim, or, more generally, it can allow the attacker to modify the page content seen by the victims.

https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/11-Client-side_Testing/03-Testing_for_HTML_Injection

Target Location : fcc.gov

Activity
  1. WutangCheng’s avatar
    WutangCheng Customer published the disclosure report

    ()

  2. Naplon’s avatar
    Naplon requested disclosure

    ()

  3. WutangCheng’s avatar
    WutangCheng Customer changed the state to Resolved

    ()

  4. WutangCheng’s avatar
    WutangCheng Customer sent a message

    ()

  5. Naplon’s avatar
    Naplon sent a message

    ()

  6. WutangCheng’s avatar
    WutangCheng Customer sent a message

    ()Edited

  7. WutangCheng’s avatar
    WutangCheng Customer sent a message

    ()

  8. Naplon’s avatar
    Naplon sent a message

    ()

  9. WutangCheng’s avatar
    WutangCheng Customer changed the state to Unresolved

    ()

  10. WutangCheng’s avatar
    WutangCheng Customer sent a message

    ()

  11. soheesec_bugcrowd’s avatarbugcrowd logo
    soheesec_bugcrowd changed the state to Triaged

    ()

  12. soheesec_bugcrowd’s avatarbugcrowd logo
    soheesec_bugcrowd sent a message

    ()

  13. soheesec_bugcrowd’s avatarbugcrowd logo
    soheesec_bugcrowd changed the severity to P4

    ()

  14. soheesec_bugcrowd’s avatarbugcrowd logo
    soheesec_bugcrowd updated VRT to Server-Side Injection > Content Spoofing

    ()

  15. Naplon’s avatar
    Naplon created the submission

    ()