The application prints our current URL on the page.
Let's turn on the intercept in Burpsuite and reload the page.
We can change the Host: field to any value we want.
Host:
Let's turn off the intercept so that the request reaches to the server.
We have successfully performed HTML injection.
Last updated 1 year ago
Host: getHacked
