all InfoSec news
Html Injection On One Of The Indian Government’s Official Domain
Feb. 22, 2023, 1:16 p.m. | Vedavyasan S (@ved4vyasan)
System Weakness - Medium systemweakness.com
Hi, Everyone.
Today im going to share the story that how i got the html injection vulnerability on Indian Government website.
First of all, i used some dorks to find login/register pages of Indian government.
dorks used-
site:*.*gov.in inurl:register
and i found a link:
https://smsheader.trai.gov.in/loginpage
on that page there is a field named “Fill your basic information” and there is two option one is for email and the another one is for email address.after filling the email option …
bug bounty bug-bounty-tips bugbounty-writeup domain government html html injection injection official
More from systemweakness.com / System Weakness - Medium
Jobs in InfoSec / Cybersecurity
Product Regulatory Compliance Specialist
@ Avery Dennison | Oegstgeest, Netherlands
Cyber Security Analyst
@ FinClear | Melbourne, Australia
Senior Application Security Manager, United States-(Virtual)
@ Stanley Black & Decker | New Britain CT USA - 1000 Stanley Dr
Vice President - Information Security Management - FedRAMP
@ JPMorgan Chase & Co. | Chicago, IL, United States
Vice President, Threat Intelligence & AI
@ Arctic Wolf | Remote - Minnesota
Cybersecurity Analyst
@ Resource Management Concepts, Inc. | Dahlgren, Virginia, United States