Skip to main content

Posts

Showing posts with the label text based injection

Text Based Injection | Content Spoofing | Low Impact Common Web Vulnerability

Text Based Injection: Text injection or Text-Based Injection(TBI) is an injection in which user input is reflected as it is in the application response as plaintext. This is one of the ways to perform content spoofing also referred to as content injection or virtual defacement which can be used in phishing attacks. An application is vulnerable to Text injection when it does not properly handle user-supplied data, an attacker can supply content to a web application, typically via a parameter value, or from the URL only that is reflected back to the user. The user will be presented with a modified page under the context of the trusted domain.