Title: HTML Injection Attack: Exploiting Insufficient Input Validation to Deface Web Pages

Title: HTML Injection Attack: Exploiting Insufficient Input Validation to Deface Web Pages

CVE-2022-3245 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

HTML injection attack is closely related to Cross-site Scripting (XSS). HTML injection uses HTML to deface the page. XSS, as the name implies, injects JavaScript into the page. Both attacks exploit insufficient validation of user input.

Learn more about our User Device Pen Test.