Hello readers how are you, i hope all of you are doing great.
I am back with another writeup for the community:
I was just searching for private programs for hyperlink injection on google after choosing a random program i was just click on blog then will reached at https://target.com/blog
scroll down and see that there was a submit form having name and email field with the help of that we can subscribe to the platform for new blog posts notifications, then i immidiately injected html and ssti payload
{{8*8}}/”><A HREF=bing.com>HELLO</A”>
in name field and my email in email field then “click keep me updated button” yes i received an email but some malicious characters removed from the payload and some were cached as it is
Press enter or click to view image in full size
then i again went to submit form and injected simple hyper link payload like “ sign in here evil.com and get 100$ bonus” in name field and click the submit button and went to my inbox and my hyper link was successfully injected
Press enter or click to view image in full size
I was surprised, but not 100% sure about bounty or acceptance of bug, because some programs dont take serious this bug, i was…