Html Injection

By | November 3, 2019

HTML injection is the vulnerability inside any website that occurs when the user input is not correctly sanitized or the output is not encoded and the attacker is able to inject valid HTML code into a vulnerable web page. There are so many techniques which could use element and attributes to submit HTML content

Search for search bar or comment sessions or any input taking feild and try to send  input html  code there


if the website is  taking input without filtering the html code then the website is  vulnerable to HTML  injection

see the video below for POC



HTML injection Vulnerability POC

Author: Ravi Sarode, founder of I am an Ethical Hacker, Web Application Penetration Tester and Security Researcher

Leave a Reply

Your email address will not be published. Required fields are marked *