Hyperlink Injection on Email Invitation
Low
Vulnerability Details
# DESCRIPTION
Found a hyperlink injection in the name of the Organization when the attacker invites the victim to his organization with an injected hyperlink.
# STEPS
1. Add an organization with the name https://attacker.com and switch to it.
2. Go to user and invite the victim using email.
3. The victim will see the invitation with the malicious link.
# POC IMAGE
* Add organization name as https://attacker.com
{F779678}
* Go to user and invite someone and the victim will see the invitation
{F779676}
* accepted invitation for already registered
{F779677}
## Impact
Open Redirect from hyperlink injection to malicious website.
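
One way to close this off on the server side, as an added example that is not part of the original report or the affected project's code: reject organization names containing link-like text at creation time and HTML-escape the name when building the invitation. The function names, regex heuristics and sample names are assumptions, as is the premise that the mail client auto-links URL-like text in the message body.

```python
import html
import re
import unicodedata

# Patterns for text that mail clients commonly auto-link (assumed heuristics,
# not taken from the report): scheme prefixes, "www." and dotted hostnames.
LINK_PATTERNS = [
    re.compile(r"\b(?:[a-z][a-z0-9+.-]*://|mailto:|tel:)\S*", re.IGNORECASE),
    re.compile(r"\bwww\.\S+", re.IGNORECASE),
    re.compile(r"\b(?:[a-z0-9-]+\.)+[a-z]{2,}\b", re.IGNORECASE),
]


def find_link_tokens(name: str) -> list[str]:
    """Return the substrings of an organization name that look like links."""
    # NFKC folds full-width look-alikes (e.g. "ｈｔｔｐｓ：／／") to ASCII first.
    normalized = unicodedata.normalize("NFKC", name)
    return [m.group(0) for p in LINK_PATTERNS for m in p.finditer(normalized)]


def validate_org_name(name: str) -> str:
    """Reject link-like names at creation time; return the cleaned name."""
    cleaned = unicodedata.normalize("NFKC", name).strip()
    if not cleaned:
        raise ValueError("organization name is empty")
    tokens = find_link_tokens(cleaned)
    if tokens:
        raise ValueError(f"organization name contains link-like text: {tokens[0]}")
    return cleaned


def render_invitation(inviter: str, org_name: str) -> str:
    """Build the HTML invitation line from validated, HTML-escaped values."""
    org = html.escape(validate_org_name(org_name))
    return f"<p>{html.escape(inviter)} invited you to join <b>{org}</b>.</p>"


# Constructed sample names for illustration.
SAMPLES = ["Acme Security Team", "https://attacker.com", "www.attacker.com",
           "attacker.com", "ｈｔｔｐｓ：／／attacker.com", "R&D <Core>"]

if __name__ == "__main__":
    for sample in SAMPLES:
        try:
            print("OK      ", render_invitation("alice", sample))
        except ValueError as err:
            print("REJECTED", repr(sample), "-", err)
```

HTML escaping alone does not stop this issue, because a bare URL contains no characters that escaping changes; the name has to be checked for link-like text before it reaches the template.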
Report Stats
- Report ID: 843421
- State: Closed
- Substate: resolved
- Upvotes: 22