HTML injection in email at https://www.hackerone.com/
Low
Vulnerability Details
**Summary:**
By filling the first name and last name with HTML tags at this form
https://www.hackerone.com/hackers/pentest-community-application
it is possible to send email via HackerOne and add custom HTML :)
**Description:**
### Steps To Reproduce
1. Visit https://www.hackerone.com/hackers/pentest-community-application
2. In first name and last name add HTML tags, i.e. first name `"><h1>anything` etc.
3. In the email section add the email of the victim.
4. Submit the form.
5. Check the email and see the HTML injected there.
### Additional information:
1. Please check the screenshot to see both the emails, i.e. one without payload and one with payload.
### Optional: Your Environment (Browser version, Device, etc)
*
### Optional: Supporting Material/References (Screenshots)
*
## Impact
An attacker can send malicious emails from HackerOne and inject HTML in the email :)
We all know where it leads to.
Report Stats
- Report ID: 1374017
- State: Closed
- Substate: resolved
- Upvotes: 37
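
The fix for this class of bug is to HTML-escape form fields before they are placed in the HTML part of the message. The following is an added example, not part of the original report and not HackerOne's code; the template and the names `TEMPLATE`, `render_unsafe`, `render_safe` and `build_message` are hypothetical.

```python
import html
from email.message import EmailMessage

# Hypothetical confirmation template; the real template is not shown in the report.
TEMPLATE = (
    '<p>Hi <span title="{first} {last}">{first}</span>,</p>'
    "<p>Thanks for applying.</p>"
)

# First-name value quoted in step 2 of the report.
REPORT_PAYLOAD = '"><h1>anything'


def render_unsafe(first: str, last: str) -> str:
    """Pre-fix behaviour: form values are interpolated into the markup verbatim."""
    return TEMPLATE.format(first=first, last=last)


def render_safe(first: str, last: str) -> str:
    """Escape each field for HTML context before interpolation.

    html.escape() with the default quote=True also converts " and ', which
    matters when a value lands inside an attribute, as in this template.
    """
    return TEMPLATE.format(first=html.escape(first), last=html.escape(last))


def build_message(to_addr: str, first: str, last: str) -> EmailMessage:
    """Build a multipart/alternative mail whose HTML part uses the escaped fields."""
    msg = EmailMessage()
    msg["To"] = to_addr
    msg["Subject"] = "Application received"
    # The text/plain part is never parsed as HTML, so the raw name is harmless there.
    msg.set_content(f"Hi {first},\n\nThanks for applying.")
    msg.add_alternative(render_safe(first, last), subtype="html")
    return msg


if __name__ == "__main__":
    print(render_unsafe(REPORT_PAYLOAD, "Doe"))  # heading tag survives as markup
    print(render_safe(REPORT_PAYLOAD, "Doe"))    # same input rendered as literal text
```
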