Text injection and content spoofing
Low
Vulnerability Details
SUMMARY:
There is a text injection and content injection vulnerability in your website.
An attacker can use the text injection vulnerability to present a customized message on the application that can phish users into believing that the message is legitimate.
Steps:
1: https://█████████.oneweb.net
2: Add the payload !!!!!ATTENTION!!!!"website under contruction, website moved to attacker.com.please visit WWW.EVIL.COM"" you can login EVIL.COM this is trusted website.
The website then looks like:
Access Error: 404 -- Not Found
Can't locate document: /!!!!!ATTENTION!!!!"website under contruction, website moved to attacker.com.please visit WWW.EVIL.COM"" you can login EVIL.COM this is trusted website.
FIX:
The error page was changed to not echo user input. User input is blocked.
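The difference between the reported behaviour and the fix, as an added example that is not the site's own code: a minimal Python WSGI app (an assumption, the report does not name the server stack) with a 404 renderer that echoes the path and one that returns a constant body, plus a regression check that requests a marker path and looks for it in the response. All function names, the route table and the marker are hypothetical.

```python
from urllib.parse import unquote
from wsgiref.util import setup_testing_defaults

KNOWN_PATHS = {"/", "/index.html"}  # constructed route table


def not_found_echo(path):
    # Behaviour described in the report: the requested path is copied into the body.
    return "Access Error: 404 -- Not Found\nCan't locate document: " + path


def not_found_static(path):
    # Behaviour after the fix: the body is a constant; the path is never rendered.
    return "Access Error: 404 -- Not Found"


def make_app(render_404):
    def app(environ, start_response):
        path = environ.get("PATH_INFO", "/")
        if path in KNOWN_PATHS:
            status, body = "200 OK", "ok"
        else:
            status, body = "404 Not Found", render_404(path)
        start_response(status, [("Content-Type", "text/plain; charset=utf-8"),
                                ("X-Content-Type-Options", "nosniff")])
        return [body.encode("utf-8")]
    return app


def fetch(app, raw_path):
    """Drive the WSGI app in-process and return (status, body text)."""
    environ = {}
    setup_testing_defaults(environ)
    environ["PATH_INFO"] = unquote(raw_path)  # servers hand the app a decoded path
    seen = {}

    def start_response(status, headers):
        seen["status"] = status

    body = b"".join(app(environ, start_response)).decode("utf-8")
    return seen["status"], body


def reflects_path(app, marker="canary-7f3a"):
    """Regression check: True if a marker placed in the URL path shows up in the 404 body."""
    status, body = fetch(app, "/" + marker + "%20moved%20notice")
    return status.startswith("404") and marker in body
```

Running `reflects_path` against every error handler in a test suite catches a reintroduced echo before it ships.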
## Impact
An attacker can use the text injection vulnerability to present a customized message on the application that can phish users into believing that the message is legitimate.
Report Stats
- Report ID: 1353200
- State: Closed
- Substate: resolved
- Upvotes: 12