Replies: 1 comment
-
@JadGh7 This means that the user's input was reflected in the HTML without the special characters being escaped. By default, this is an HTML Injection. If you can find a way to execute Javascript from here, it could evolve into an XSS (Cross-Site Scripting) attack, and if you can control CSS, it could become a CSS Injection :)
|
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
can someone please explain what does this mean:
W] Reflected Payload in HTML: title='>asd
1 line: 7O3Yp">Biryani Needs'>asd<section class="container d-fle
[POC][R][GET][inHTML-URL]
Beta Was this translation helpful? Give feedback.
All reactions