all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

HTML injection in an email template

Add to bookmarks
Jan. 14, 2023, 4:31 a.m. | zhero_

InfoSec Write-ups - Medium infosecwriteups.com

Credit : Pinterest

Send emails on behalf of a company? Here’s how I found this vulnerability in several large companies allowing me to easily earn bounties.

Hello hunters. The goal here is to be able to send email(s) on behalf of a company — from its email address — with the ability to change/customize the content and therefore the HTML template.

What is the impact of such a vulnerability ?

The impact of this vulnerability can be significant, …

bug bounty cybersecurity email hacker html html injection infosec injection pentesting template

Visit resource

More from infosecwriteups.com / InfoSec Write-ups - Medium

Mastering Shodan Search Engine 21 hours ago | infosecwriteups.com
bug bounty bug-bounty-tips cybersecurity information security +1
Email Verification Bypass via Remember Me 21 hours ago | infosecwriteups.com
bug bounty cybersecurity hacking pentesting +1
Exploiting Symlinks: A Deep Dive into CVE-2024–28185 and CVE-2024–28189 of Judge0 Sandboxes 21 hours ago | infosecwriteups.com
attacks code code execution continue +15
Typo Trouble: Exploring the Telegram Python RCE Vulnerability 21 hours ago | infosecwriteups.com
address alerts application concept +25
Active DNS Recon using AXIOM 21 hours ago | infosecwriteups.com
bug bounty bug-bounty-tips cybersecurity infosec +1
Information Disclosure: Story of 500€ + 400$ Bounty 21 hours ago | infosecwriteups.com
bug bounty cybersecurity hacking information technology +1
Demystifying Password Cracking: Attacks and Defence Strategies 21 hours ago | infosecwriteups.com
cybersecurity ethical hacking hacking infosec +1
Race Condition and Broken Access Control on Developer Dashboard 21 hours ago | infosecwriteups.com
access access control broken access control can +24
Windows Fundamentals 1 | TryHackMe Walk-Through 21 hours ago | infosecwriteups.com
cybersecurity infosec security tryhackme +1

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Check Team Members / Cyber Consultants / Pen Testers

@ Resillion | Birmingham, United Kingdom
View on infosec-jobs.com

Security Officer Field Training Officer- Full Time (Harrah's LV)

@ Caesars Entertainment | Las Vegas, NV, United States
View on infosec-jobs.com

Cybersecurity Subject Matter Expert (SME)

@ SMS Data Products Group, Inc. | Fort Belvoir, VA, United States
View on infosec-jobs.com

AWS Security Engineer

@ IntelliPro Group Inc. | Palo Alto, CA
View on infosec-jobs.com

Information Security Analyst

@ Freudenberg Group | Alajuela
View on infosec-jobs.com
View more jobs