# Introduction
: bWAPP → Low → HTML Injection - Stored (Blog)
# Training
: The ''htmli_stored.php'' page is laid out as a blog.

It is therefore possible to save HTML tags in an entry, so that the page outputs content its administrator did not intend. A saved entry can also contain its own text fields, so that when a user types into them on the blog and clicks [Go], the input is transferred and the user is moved to another page.
The contents of the exercise are as follows.
: Moving from htmli_stored.php to htmli_post.php using a text field.
First, copy the page format from htmli_post.php so that it can be reused.

The page format is easy to copy using the web developer tools in the browser.

Put this code in the text field and click [Submit] to add it.


When a user enters data in both fields and presses [Go], the user is moved to the htmli_post.php page.
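The exercise works because the stored entry is written back into the page as markup. The following added example (not bWAPP's own code, and not from the original post) shows that raw rendering next to output encoding, plus a check for form tags in entries that are already stored. The function names, the row layout and the sample rows are assumptions constructed for illustration.

```php
<?php
// Added example: function names and row layout are hypothetical, not bWAPP's source.

// Constructed sample rows, shaped like entries a blog table might hold.
$entries = [
    ['owner' => 'alice', 'entry' => 'Nice post, thanks!'],
    ['owner' => 'bob',   'entry' => '<form action="htmli_post.php" method="POST">'
        . '<input name="a"><input name="b"><button type="submit">Go</button></form>'],
];

// Behaviour the exercise relies on: stored text is echoed into the table as markup.
function render_entry_raw(array $row): string
{
    return '<td>' . $row['entry'] . '</td>';
}

// Hardened rendering: encode on output so stored tags are shown as plain text.
function render_entry_encoded(array $row): string
{
    $safe = htmlspecialchars($row['entry'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<td>' . $safe . '</td>';
}

// Audit helper: flag stored entries that contain form-related tags.
function contains_form_markup(string $entry): bool
{
    return preg_match('/<\s*(form|input|button|textarea|select)\b/i', $entry) === 1;
}

foreach ($entries as $row) {
    $flag = contains_form_markup($row['entry']) ? 'yes' : 'no';
    printf("owner=%s flagged=%s\n", $row['owner'], $flag);
    echo '  raw:     ', render_entry_raw($row), "\n";
    echo '  encoded: ', render_entry_encoded($row), "\n";
}
```

In the encoded output the second entry appears as `&lt;form ...&gt;` text, so the browser displays it instead of building a form that posts to htmli_post.php.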
