all InfoSec news
HTML injection in an email template
Jan. 14, 2023, 4:31 a.m. | zhero_
InfoSec Write-ups - Medium infosecwriteups.com
Send emails on behalf of a company? Here’s how I found this vulnerability in several large companies allowing me to easily earn bounties.
Hello hunters. The goal here is to be able to send email(s) on behalf of a company — from its email address — with the ability to change/customize the content and therefore the HTML template.
What is the impact of such a vulnerability ?
The impact of this vulnerability can be significant, …
bug bounty cybersecurity email hacker html html injection infosec injection pentesting template
More from infosecwriteups.com / InfoSec Write-ups - Medium
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Check Team Members / Cyber Consultants / Pen Testers
@ Resillion | Birmingham, United Kingdom
Security Officer Field Training Officer- Full Time (Harrah's LV)
@ Caesars Entertainment | Las Vegas, NV, United States
Cybersecurity Subject Matter Expert (SME)
@ SMS Data Products Group, Inc. | Fort Belvoir, VA, United States
AWS Security Engineer
@ IntelliPro Group Inc. | Palo Alto, CA
Information Security Analyst
@ Freudenberg Group | Alajuela