Ethical Hacking (Bug Bounty) - HTML Injection Reflected Current URL

Pay attention to the current URL, then refresh the page with Burp Suite intercept turned on. The target is localhost, that is http://127.0.0.1.
Go to the bWAPP file folder and search for the current_url file. Look at the Document object used in case 1: it represents the entire HTML document and can be used to access all elements in the page.
$url = "http://" . $_SERVER["HTTP_HOST"] . xss_check_3($_SERVER["REQUEST_URI"]);
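
As an added example (not code from bWAPP or from this post), the PHP below compares three ways of building the URL string that is echoed into the page: unencoded, with only REQUEST_URI encoded as in the line above, and with the whole string encoded at output. escape_html() is a hypothetical stand-in for xss_check_3(), assumed here to HTML-encode its argument, and the request values are constructed.

```php
<?php
// Added example, not bWAPP's code. escape_html() is a hypothetical helper
// standing in for the page's xss_check_3(), assumed to HTML-encode its input.
function escape_html(string $data): string
{
    return htmlspecialchars($data, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Unsafe: both values are copied from the request into the page as-is.
function url_raw(array $server): string
{
    return 'http://' . $server['HTTP_HOST'] . $server['REQUEST_URI'];
}

// Same shape as the line above: only REQUEST_URI is encoded, HTTP_HOST is not.
function url_partial(array $server): string
{
    return 'http://' . $server['HTTP_HOST'] . escape_html($server['REQUEST_URI']);
}

// Hardened: encode the whole assembled string at the point of output.
function url_encoded(array $server): string
{
    return escape_html(url_raw($server));
}

// Constructed request values (harmless marker markup) for the demonstration.
$samples = [
    'markup in path' => ['HTTP_HOST' => '127.0.0.1', 'REQUEST_URI' => '/page.php?<h1>marker</h1>'],
    'markup in Host' => ['HTTP_HOST' => '127.0.0.1<h1>marker</h1>', 'REQUEST_URI' => '/page.php'],
];

foreach ($samples as $label => $server) {
    echo "== $label ==\n";
    foreach (['url_raw', 'url_partial', 'url_encoded'] as $fn) {
        $out = $fn($server);
        // A literal '<' in the output means the browser would parse it as a tag.
        $verdict = strpos($out, '<') !== false ? 'markup reaches page' : 'rendered as text';
        printf("%-12s %-20s %s\n", $fn, $verdict, $out);
    }
}
```

Only url_encoded() reports "rendered as text" for both samples, because both the Host header and the request URI are supplied by the client.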
