HTML Injection

Bug Bounty Cybersecurity
cover-image

Hello everyone, today we are going to learn about HTML injection vulnerability.

Before going into the article, if you are new to our website, please check out the account takeover labs that we have on our website, and they are totally free.

Now, let’s get back to the topic.

What is HTML?

HTML is defined as Hypertext markup language; it is a language that helps you build a webpage. And using it you can determine, where the paragraph should be on the webpage, where the user input should be, and whatnot. Everything comes. Mostly, all the websites use HTML language, and there might be a possibility of finding an HTML Injection.

What is HTML Injection?

Html Injection is a vulnerability that is quite like cross-site scripting. When it comes to Cross-site-scripting, the attacker injects JavaScript code and executes the JavaScript code if it is vulnerable, and when it comes to HTML injection, the attacker can be able to inject some HTML tags but not all.

Let’s have a practical look at vulnerability.

I am going to take a demo website for testing purposes http://testphp.vulnweb.com/

Attack Scenario:

  1. Open the website.
  1. Now, in the search field insert the payload mentioned below:

<h1 style=”color:Blue;”>Hello World</h1>

  1. Now, click on the go button. And Hello World — will turn Blue.
  1. Boom! The HTML Injection is present on the website. And it is vulnerable to HTML injection.

How to find these vulnerabilities in websites?

Steps to do that:

  1. First, find all the user input fields, and see if the given input is reflected back on the website or not.
  2. Now, try injecting the normal HTML tags like heading tags, for example.
  3. After that, If the HTML code gets executed. Then, you found an HTML injection vulnerability. And don’t stop there.
  4. As the input is getting reflected, try to inject JavaScript code. And if the JavaScript code gets executed. Now you can find XSS vulnerability.

What are the fields, where you can try to find HTML Injection vulnerability:

  • First name
  • Middle Name
  • Last Name
  • Username
  • Search Boxes
  • Any input field, which accepts the user input.

This would be the standard procedure to find HTML Injection vulnerability.

I hope you understand the article. And before ending the article I would like to give some write-ups and Hacker One reports that help you to find HTML injection vulnerability.

Write-ups of HTML Injection:

  1. https://medium.com/@sathvika03/all-you-need-to-know-about-html-injection-4f8cd71e1dfa
  1. https://medium.com/@chaitanyarajhans024/simple-html-injection-to-250-895b760409ed
  1. https://ms-official5878.medium.com/html-injection-a3f791d31b3c
  1. https://corneacristian.medium.com/methods-to-exploit-html-injection-17b4254035e

Hacker One reports:

  1. https://hackerone.com/reports/768327
  1. https://hackerone.com/reports/1461194
  1. https://hackerone.com/reports/150179
  1. https://hackerone.com/reports/502926
  1. https://hackerone.com/reports/181810

Thank You.

bugbounty html injectionattacks vulnerability

Asif Pathan

Related Articles

all-about-idor-image
All about IDOR
Continue Reading
no-rate-limit-on-forgot-password-page-cover-image
No Rate Limit on Forgot Password Pages
Continue Reading
information-disclosure-cover-image
Information Disclosure
Continue Reading