# HTML Injection
: HTML Injection is a subclass of code injection attack. An attack that inserts malicious HTML Code into vulnerable parameters. Using this, the attacker inserts the HTML Tag on the page that the user requested to link and connects to the unintended content or the malicious site.
# Reflection technique.
: It is an attack that inserts a malicious HTML tag in the URL and causes the HTML tag to be executed on the user's PC Who clicked the link. ( In particular, when data is transmitted by the GET Method, the variable name & input value are exposed in the URL.# Storage technique.
: It is an attack that causes malicious HTML tag to be stored in DB so that the HTML Tags are executed on the PC of the users who has confirmed the stored tags. If attacker upload a malicious HTML tag to a public domain, attacker can attack multiple users.
No comments:
Post a Comment