We covered practical HTML Forms Injection using Burp Suite to solve Challenge 10 in OWASP Hackademic free lab.

We can test for HTML Injection by changing the value of the query parameter with html code Or this can be done via a proxy interceptor when the HTTP request is POST.

In the stored version of HTML Injection, we can use the same malicious login code used in the case of reflect HTML injection but the place of injection would be any input box in the website such as comment areas, search forms and other places that take user input.

Get OSCP Certificate Notes

The Complete Practical Web Application Penetration Testing Course

Video Walkthrough

About the Author

I create cybersecurity notes, digital marketing notes and online courses. I also provide digital marketing consulting including but not limited to SEO, Google & Meta ads and CRM administration.

View Articles