Content-Injection-Nuclei-Script

March 23, 2021

Description :

Arbitrary Text Injection is an attack in which an application does not properly handle user-supplied data: an attacker can supply content to a web application, typically via a parameter value or through the URI path, and that content is reflected back in the web page.
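An added example, not part of this repository: a constructed WSGI "not found" handler that reflects the URI path as described above, next to a version that returns a fixed message, with an in-process check that tells the two apart. The handler names, the marker string and the check function are assumptions made for this illustration.

```python
from wsgiref.util import setup_testing_defaults

# Constructed marker: any visible sentence a requester could place in the path.
MARKER = "This sentence was supplied by the requester"

HEADERS = [("Content-Type", "text/plain; charset=utf-8")]


def vulnerable_app(environ, start_response):
    """404 page that echoes the requested path back into the response body."""
    path = environ.get("PATH_INFO", "/")
    start_response("404 Not Found", HEADERS)
    return [f"The page {path} was not found.".encode("utf-8")]


def hardened_app(environ, start_response):
    """404 page with a fixed message: nothing from the request is reflected."""
    start_response("404 Not Found", HEADERS)
    return [b"The requested page was not found."]


def reflects_text(app, marker):
    """Request /<marker> in-process and report whether the marker comes back."""
    environ = {}
    setup_testing_defaults(environ)
    # WSGI servers hand PATH_INFO to the app already URL-decoded,
    # so %20 in the URL arrives here as a plain space.
    environ["PATH_INFO"] = "/" + marker
    status = []
    chunks = app(environ, lambda s, h: status.append(s))
    body = b"".join(chunks).decode("utf-8")
    return marker in body


if __name__ == "__main__":
    for app in (vulnerable_app, hardened_app):
        verdict = "reflects request text" if reflects_text(app, MARKER) else "fixed content"
        print(f"{app.__name__}: {verdict}")
```

The same check can be kept as a regression test for an application's own error pages and search or message parameters.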

Impact :

Risk factors depend on the business type of the application. If the application business brand is well known and has major competitors, this issue can be abused by malicious competitors/disgruntled employees/unsatisfied customers to trigger mass distributions of false messages to unsuspecting customers.

Tool :

https://github.com/projectdiscovery/nuclei

Reference :

https://owasp.org/www-community/attacks/Content_Spoofing
https://hackerone.com/reports/327671