
Vulnerability Description => HTML injection is a type of injection issue that occurs when a user is able to control an input point and is able to inject arbitrary HTML code into a vulnerable web page.
1. Go to the site (http://ordermanagementscript.com/demo/video-newspaper/). ⇓ ⇓ ⇓ ⇓

2-In Search Bar paste this code => <h1><a href=”https://google.com”>YOU ARE HACKED</a></h1>
⇓ ⇓ ⇓ ⇓

3- You will be redirected to the next page ⇓ ⇓ ⇓ ⇓

4- Now you can see YOU ARE HACKED name button ⇓ ⇓ ⇓ ⇓

5. Click the YOU ARE HACKED name button then you redirected to google.com ⇓ ⇓ ⇓ ⇓

