HTML and CSS Injection :
Today i will talk about HTML and CSS injection. Any web application design by HTML, CSS and JavaScript, those are executed in client server. So if any attacker try with execute html or CSS or JavaScript code using URL parameter or input field and if successfully execute in client server via remote server. So this web application is vulnerable.
Now i will Demonstrate with PureVPN Official Website, That contain have HTML and CSS Injection. So Lets Start
Today i will talk about HTML and CSS injection. Any web application design by HTML, CSS and JavaScript, those are executed in client server. So if any attacker try with execute html or CSS or JavaScript code using URL parameter or input field and if successfully execute in client server via remote server. So this web application is vulnerable.
Now i will Demonstrate with PureVPN Official Website, That contain have HTML and CSS Injection. So Lets Start
1st Step : Go to the PureVPN Vulnerable website url
2nd Step : Now i am going to find out URL parameter and set my plain text and hit my enter button.
Now we can see the value that content i was set into URL parameter. So Now we can see plain text so we can call it text injection. Ok now we can try with execute html code into this URL Parameter if it will execute this application is vulnerable. So now the HTML code is also executed
Now I am going try with CSS code it will also execute in this URL.
Video POC
HTML and CSS Injection POC for PureVPN
Subscribe to:
Posts (Atom)