jeudi 22 avril 2021

Can I inject meta tags via javascript to html? And is there any effect when I do that?

Problem

I am a ethical hacker and I am currently working on a challenge. I cannot disclose the challenge name right now. There is a website vulnerable to HTML Injection and I can inject meta tags in there. Can I disable the CORS via that?

Meta tag payload

<META HTTP-EQUIV=Access-Control-Allow-Origin CONTENT=*> I tried above payload and it isn't working.




Publié par à
Libellés :

Aucun commentaire:

Enregistrer un commentaire

Inscription à : Publier les commentaires (Atom)