4 | 4 | <p> |
5 | 5 | Using untrusted input to construct an email can cause multiple security |
6 | 6 | vulnerabilities. For instance, inclusion of an untrusted input in an email body |
7 | | - may allow an attacker to conduct Cross Site Scripting (XSS) attacks, while |
| 7 | + may allow an attacker to conduct cross-site scripting (XSS) attacks, while |
8 | 8 | inclusion of an HTTP header may allow a full account compromise as shown in the |
9 | 9 | example below. |
10 | 10 | </p> |
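Review bot: line 8 says "inclusion of an HTTP header" without saying which header or that it is the header's untrusted value that ends up in the email; since the example this paragraph points to is built on the Host header, "inclusion of an untrusted HTTP header value such as Host" would make the opening match the example. The "cross-site scripting" change itself is fine.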
|
19 | 19 | In the following example snippet, the <code>host</code> field is user controlled. |
20 | 20 | </p> |
21 | 21 | <p> |
22 | | - A malicious user can send an HTTP request to the targeted web site, |
23 | | - but with a Host header that refers to their own web site. This means the |
| 22 | + A malicious user can send an HTTP request to the targeted website, |
| 23 | + but with a Host header that refers to their own website. This means the |
24 | 24 | emails will be sent out to potential victims, originating from a server |
25 | | - they trust, but with links leading to a malicious web site. |
| 25 | + they trust, but with links leading to a malicious website. |
26 | 26 | </p> |
27 | 27 | <p> |
28 | | - If the email contains a password reset link, and should the victim click |
| 28 | + If the email contains a password reset link, and the victim clicks |
29 | 29 | the link, the secret reset token will be leaked to the attacker. Using the |
30 | 30 | leaked token, the attacker can then construct the real reset link and use it to |
31 | 31 | change the victim's password. |
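Review bot: line 19 still reads "user controlled" while this change (and the "cross-site" fix in the first hunk) hyphenates compound modifiers, so "user-controlled" would keep the wording consistent. On the reworded line 28, "password reset link, and the victim clicks the link" repeats "link"; "and the victim clicks it" reads more smoothly.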
|
38 | 38 | </example> |
39 | 39 | <references> |
40 | 40 | <li> |
41 | | - OWASP |
| 41 | + OWASP: |
42 | 42 | <a href="https://owasp.org/www-community/attacks/Content_Spoofing">Content Spoofing</a> |
43 | 43 | . |
44 | 44 | </li> |
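Review bot: with the colon added after "OWASP", this entry now renders as "OWASP: Content Spoofing." with the period from line 43 still on its own line; that is fine provided the other entries in the same <references> block use the same "Source: <a>Title</a>." pattern, so it is worth checking the rest of the list for consistency before merging.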