Methods to Exploit HTML Injection
In this article, we will discuss the HTML Injection vulnerability and three methods of creatively leveraging it for exploitation.
Firstly, let’s have an overview of HTML Injection.
What is HTML Injection?
Before starting to go into details, I want to clarify that HTML Injection is not Cross-Site Scripting (XSS). Those two are totally different vulnerabilities.
In an XSS attack, you are able to inject JavaScript into the vulnerable application. In an HTML Injection attack, on the other hand, you can only inject HyperText Markup Language (HTML), and sometimes CSS.
Both XSS and HTML Injection have the same root cause: user input that is accepted without validation.
Usually, if input is reflected or stored by the application without any further validation or output escaping, HTML Injection is possible. If JavaScript is blocked by a protection mechanism such as Content Security Policy (CSP), you may still be able to insert plain HTML, since CSP does not stop markup from being rendered.
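To make the reflection-without-escaping case concrete, here is an added example (not code from the article): a hypothetical page template that reflects a query parameter, shown in its vulnerable form beside the escaped form, with a small check that confirms no tag from the input survives into the rendered page. The template, the sample input and the domain are constructed for this illustration.

```python
import html
import re

# Hypothetical page template (constructed for this example); {query} is user-controlled.
TEMPLATE = '<html><body><p>Results for: {query}</p></body></html>'


def render_unsafe(query: str) -> str:
    """Vulnerable: reflects the input verbatim, so any markup in it becomes part of the page."""
    return TEMPLATE.format(query=query)


def render_safe(query: str) -> str:
    """Hardened: HTML-escape the input before reflecting it.
    quote=True also escapes ' and ", which matters when the value lands inside an attribute."""
    return TEMPLATE.format(query=html.escape(query, quote=True))


# Coarse tag matcher used only for the check below (opening or closing tags).
TAG_RE = re.compile(r'<\s*/?\s*[a-zA-Z][^>]*>')


def injected_tags(rendered: str, user_input: str) -> list[str]:
    """Check: return every tag found in the user input that appears unchanged in the rendered page.
    An empty list means the reflection point encodes the input; a non-empty list means HTML Injection."""
    return [tag for tag in TAG_RE.findall(user_input) if tag in rendered]


# Constructed sample input: markup plus a link to a domain the application never intended to show.
SAMPLE = '<h1>Notice</h1><a href="https://attacker.example/">click here</a>'

if __name__ == "__main__":
    print("unsafe:", injected_tags(render_unsafe(SAMPLE), SAMPLE))  # tags pass through
    print("safe:  ", injected_tags(render_safe(SAMPLE), SAMPLE))    # []
```

The same check can be pointed at any reflection point: render the page with a marker input and confirm that every tag in the marker comes back encoded.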
#1: Open Redirection through HTML Injection
In this scenario, you can achieve two things in one shot:
- External redirection to a phishing page or some attacker-controlled domain
- Application Denial-of-Service (DoS) on the page where the payload is inserted and rendered, because the users will not be…