Harvard - Search Eng. - HTML Injection

• 举报此文章

Ivan Ricart Borges ??? ?

Ivan Ricart Borges ??? ?

Team Lead ? S.S.E. Full-Stack E.R.P. Dev. ? Cybersec. Enth. ? C++ · C# · Yii · PHP · JS · React · Recoil · Flutter · Express · Python · Go · Lua

发布日期: 2020年6月21日

+ 关注

Good morning, sir,

I'm sending this notice to inform you that the course search engine located at https://online-learning.harvard.edu allows HTML injection, as can be seen in the following link:

https://online-learning.harvard.edu/catalog?keywords=%3Cimg+src%3D%22https://i.ytimg.com/vi/cym_4WmltIU/maxresdefault.jpg%22+%3E&op=Search

In the example above an element <img> is injected from a remote location.

I hope that the information provided is of your help.

Ivan

要查看或添加评论，请登录

Ivan Ricart Borges ??? ?的更多文章

• APK to AAB automatic tool using GO

  2022年8月12日

  APK to AAB automatic tool using GO

  According to Google play policy Requirements: from August 2021, Google play will begin to require new applications to…

  4
• Hidden Skills - 3D Arcade Platform Videogame

  2021年8月8日

  Hidden Skills - 3D Arcade Platform Videogame

  https://hidden-skills.vercel.

  4

  3 条评论
• GitHub - 25 Custom Cybersecurity & Full-Stack Repositories

  2021年5月15日

  GitHub - 25 Custom Cybersecurity & Full-Stack Repositories

  https://github.com/iricartb 1.

• Alejandro Ricart Cabús - The construction of the Great Pyramid

  2021年2月28日

  Alejandro Ricart Cabús - The construction of the Great Pyramid

  https://pyramid-solution.herokuapp.

  1
• LinkedIn - Open Redirect Vulnerability - Protection Mechanism Bypass

  2020年10月29日

  LinkedIn - Open Redirect Vulnerability - Protection Mechanism Bypass

  https://linkedin-open-redirect-vulnerability.blogspot.

  3
• LaravelCRM - CRUD & AUTH - v7.0

  2020年6月28日

  LaravelCRM - CRUD & AUTH - v7.0

  Simple CRM made using the Laravel framework: Migration and Seeding to create the database structure using relational…

  4

  2 条评论
• CS50's Mobile App Dev. React Native

  2020年6月21日

  CS50's Mobile App Dev. React Native

  Course description This course picks up where CS50 leaves off, transitioning from web development to mobile app…

  3
• Alejandro Ricart Cabús - The construction of the Great Pyramid

  2019年8月16日

  Alejandro Ricart Cabús - The construction of the Great Pyramid

  The construction of the Great Pyramid. Constructive solution on how the pyramids of Egypt were built.

• RPC Gateway Sockets - C# & C++

  2018年12月19日

  RPC Gateway Sockets - C# & C++

  Use of sockets to emulate a basic RPC service in order to execute remote commands on a Windows server regardless of…

  4
• AIWS - Automated Industrial Weighing System - C#

  2018年9月19日

  AIWS - Automated Industrial Weighing System - C#

  Analysis and development of an automated weighing system desktop application. Desktop application that allows the…

Show more

See all articles