Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

HTML injection

I
Infogram
Submitted None
Actions:
View on HackerOne
Reported by nihadrekanym

Vulnerability Details

Technical details and impact analysis

hi team ... i found HTML i on https://infogram.com/app/#/library step .. 1- go to https://infogram.com/app/#/library 2- choose Report Templates . 3- Use Report Classic 4- click to edit_data 5- edit cell __Employee ID__ 5- payload > <h1>hacked</h1> <marquee behavior="scroll" direction="left">hacked</marquee> <h1 style="background-color:#000099;">hacked</h1> 6-execute HTML .. POC .. video on attached

Report Details

Additional information and metadata

State

Closed

Substate

Resolved

Submitted