HTML Injection in Subscan view in yogeshojha/rengine
Valid
Reported on
Apr 25th 2022
Description
HTML code is executed in the Subscan feature
Proof of Concept
1. Add a scan engine: <h1>HTMLInjection
2. Go to "subdomains" for a target and add a Subscan using the scan engine.
3. Initiate a Subscan
4. View the subscan
Impact
HTML injection,
We are processing your report and will contact the
yogeshojha/rengine
team within 24 hours.
a month ago
The researcher's credibility has increased: +7
nerrorsec
has been awarded the fix bounty
to join this conversation