Content Spoofing or Text Injection (404 error page injection on yrityspalvelu)
Unknown
Vulnerability Details
Vulnerability Description: Application allows users to inject any content on the 404 not found webpage
Vulnerable Location: https://yrityspalvelu.tapiola.fi/a1/has%20been%20changed%20by%20a%20new%20one%20https://www.attacker.com%20so%20go%20to%20the%20new%20one%20since%20this%20one
Fix: just use a 404 page that doesn't include attacker text
Reference links: Below are the links which will help you to understand more about this issue including the remediation
https://hackerone.com/reports/106350
https://hackerone.com/reports/102327
https://hackerone.com/reports/111860
Report Stats
- Report ID: 134388
- State: Closed
- Substate: resolved
- Upvotes: 12
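
The fix the report asks for, as an added example that is not part of the original report or the site's code: a 404 handler that echoes the decoded request path next to one that returns a fixed body, plus a check that flags a response repeating text from the request. The function names and the wording of the reflecting template are assumptions; the sample path is the one given under Vulnerable Location.

```python
import html
from urllib.parse import unquote

# Request path taken from the report's Vulnerable Location, as sent on the wire.
REPORT_PATH = ("/a1/has%20been%20changed%20by%20a%20new%20one%20"
               "https://www.attacker.com%20so%20go%20to%20the%20new%20one%20"
               "since%20this%20one")

# Fixed body for the corrected handler (assumed wording).
STATIC_BODY = "<h1>Not Found</h1><p>The page you requested could not be found.</p>"


def not_found_reflecting(raw_path):
    """Weak pattern: the decoded request path becomes part of the error text.

    html.escape() blocks markup injection, but the visitor still reads
    whatever sentence was placed in the URL, shown under the site's own domain.
    """
    shown = html.escape(unquote(raw_path))
    return 404, f"<h1>Not Found</h1><p>The requested URL {shown} was not found.</p>"


def not_found_static(raw_path, log=None):
    """Corrected pattern: fixed body; the path goes to a server-side log only."""
    if log is not None:
        log.append(unquote(raw_path))
    return 404, STATIC_BODY


def reflects_request_text(raw_path, body, min_words=3):
    """Return True if the body repeats any run of min_words consecutive
    words from the decoded path. Paths shorter than min_words words are
    not flagged, so ordinary single-token paths produce no finding."""
    words = unquote(raw_path).split()
    text = html.unescape(body)
    return any(" ".join(words[i:i + min_words]) in text
               for i in range(len(words) - min_words + 1))


if __name__ == "__main__":
    for handler in (not_found_reflecting, not_found_static):
        status, body = handler(REPORT_PATH)
        print(handler.__name__, status, reflects_request_text(REPORT_PATH, body))
```
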