HTML Injection in

Title : HTML Injection in
Vuln URL :
Author : Yogesh D Jaygadkar
Reported : July 02, 2012
Fixed : July 03, 2013
Public Released : July 03, 2013
OS : Win7, Win XP, Ubuntu


HTML injection is a type of attack focused upon the way HTML content is generated and interpreted by browsers at client if an attacker embeds html/script tags such <html>,<SCRIPT>, <OBJECT>, <APPLET>, or <EMBED> into a web site, the web browser's JavaScript engine will execute it.

While searching about some anti-virus related information i found that Symantec Antivirus official website is vulnerable to HTML Injection. Attacker can add HTML Tags into URL to execute html code on website.

Screenshot 1 :

Screenshot 2 :


Popular posts from this blog

Quick internet sharing - Laptop to mobile

PayPal : User Credit Card Information Disclosure

Password Reset Vulnerability in