Insecure HTML Injection Demo

HTML Injection Demo

HTML Injection

The goal of this demo is to illustrate how HTML injection works and to raise awareness about the importance of properly sanitizing and encoding user input to prevent such attacks.

HTML injection is a type of attack where an attacker injects malicious HTML code into a web page. This can lead to various security vulnerabilities, such as cross-site scripting (XSS) attacks.

Try these exploits:

<script>alert('XSS Attack!')</script>
<script>window.location.href = 'https://google.com';</script>
<img src="https://t4.ftcdn.net/jpg/04/23/01/45/360_F_423014592_xEda30uVlLKOhElxTZ3D0bQhH25xDCd1.jpg" />
<script>window.open('https://google.com', 'popup', 'width=400,height=400');</script>
<script>document.body.style.backgroundColor = 'pink';</script>
<a href="https://malicious-site.com">Click here for a great deal!</a>
<span style="color: red; font-size: 24px;">This is a dangerous website!</span>
<iframe src="https://malicious-site.com"></iframe>