Update:

To exploit this in both firefox and IE requires an extra char ("=") in the end.


Using the same PoC URL we get:

https://target.tld/my.logon.php3?">HTML_injection_test



TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2025 AOH