HTML Injection
Severity: Medium Discovered: 10 of October-2022, 11:11 PM
CWE ID
CWE-80
CVSS
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Details
HTML Injection allows an attacker to inject certain HTML tags in the vulnerable parameters. This happens because the application isn't properly handling user-supplied data.
Possible exposure
Execute Unauthorized Code or Commands; Bypass Protection Mechanism;; Website Defacement
Remediation suggestions
All user-supplied data needs to be sanitized.
Request
GET https://brokencrystals.com/api/testimonials/count?query=select+count%281%29+as+count+from+testimonial%3Ca%3Ef5a6d0%3C%2Fa%3E HTTP/1.1
Accept: application/json, text/plain, */*
Referer: https://brokencrystals.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36
Accept-Encoding: identity
Cookie: bc-calls-counter=1665443467078; connect.sid=pgzO5xfXMhIXkxM6zNyaExYHCpTykrGT.0qpLqphS2vccwZZKVh7igW%2FrhcAvKwpK02yQ%2BeaK1SU
Response
HTTP/1.1 200
Server: nginx/1.19.8
Date: Mon, 10 Oct 2022 23:11:11 GMT
Content-Type: text/html
Content-Length: 84
Connection: keep-alive
vary: Origin
access-control-allow-origin: *
x-xss-protection: 0
strict-transport-security: max-age=0
x-content-type-options: 1
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'
set-cookie: bc-calls-counter=1665443471082
Cache-Control: public, max-age=99999
select count(1) as count from testimonial<a>f5a6d0</a> - syntax error at or near "<"
External links
HTML Injection
Severity:
MediumDiscovered:10 of October-2022, 11:11 PMCWE ID
CWE-80
CVSS
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Details
HTML Injection allows an attacker to inject certain HTML tags in the vulnerable parameters. This happens because the application isn't properly handling user-supplied data.
Possible exposure
Execute Unauthorized Code or Commands; Bypass Protection Mechanism;; Website Defacement
Remediation suggestions
All user-supplied data needs to be sanitized.
Request
Response
External links