HTML Injection - HTML Injections are one of the most common forms of XSS
HTML injection vulnerabilities are one of the most common forms of XSS. This is because XSS can be injected into any kind of markup, and HTML content is more likely to be found by hackers. It’s important to note that the manipulation doesn’t have to happen on a page. It could also occur in a comment or in a form. In these cases, it would be displayed in the browser and then executed on the server.
HTML Injection in Forms
The most important part of this particular type of attack is that the user can't tell just by looking at the code what's going on. This makes detection more difficult for any protection system that relies on looking at HTML source code. When the victim clicks on the form, they will be taken to a new page which has loaded from an external source, not from Kirby itself.
Published on: 08/29/2022 18:15:00 UTC
Last modified on: 09/07/2022 20:37:00 UTC