Parameter vulnerable for HTML injection but cannot exploit because of URL encoding
I found a HTML injection vulnerability but there is an issue.
The following request returns the following:
curl "https://redacted.com/xss/para?meter="><h1>Test\</h1>"<meta name="url:url" content=&… Continue reading Parameter vulnerable for HTML injection but cannot exploit because of URL encoding