HTML injection with AutoComplete suggestions
## Vulnerability Details
1. As user1, set your display name to `<a href="https://nextcloud.com">Name</a>`
2. As user2, autocomplete the name in the comments input (or Talk chat input)
3. Click on the user name you just autocompleted

User2 is redirected to `https://nextcloud.com`.

This only works with HTML, not with `script`.
## Impact
User1 can trick user2 into rendering any HTML.
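
The report does not show the affected code. The following is an added example, not Nextcloud's code: it assumes the mention markup is built by string concatenation and then parsed as HTML, and compares that with a version that encodes the display name first. All function names and the `span` markup are hypothetical.

```javascript
// Added example, not Nextcloud code. Names and markup are hypothetical.

// Constructed sample: the display name from step 1 of the report.
const displayName = '<a href="https://nextcloud.com">Name</a>';

const HTML_ESCAPES = {
  '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;',
};

// Encode every character that is significant in HTML text or quoted attributes.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Weak pattern (assumed cause): user-controlled text concatenated into markup
// that is later assigned to innerHTML, so the name is parsed as HTML.
function renderMentionUnsafe(userId, name) {
  return '<span class="mention" data-user="' + userId + '">@' + name + '</span>';
}

// Hardened: attribute value and text are both encoded before insertion.
function renderMentionSafe(userId, name) {
  return '<span class="mention" data-user="' + escapeHtml(userId) + '">@' +
    escapeHtml(name) + '</span>';
}

// Regression check: the template contains exactly one element (the span),
// so any additional opening tag in the output came from user data.
function countOpeningTags(html) {
  return (html.match(/<[a-zA-Z][^>]*>/g) || []).length;
}

console.log(countOpeningTags(renderMentionUnsafe('user1', displayName)));
console.log(countOpeningTags(renderMentionSafe('user1', displayName)));
console.log(renderMentionSafe('user1', displayName));
```

In DOM code, assigning the display name through `textContent` instead of `innerHTML` gives the same result without manual escaping.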
## Report Stats
- Report ID: 383117
- State: Closed
- Substate: resolved
- Upvotes: 5