As with the Cross-Site Scripting problem, a paste can also include HTML tags that the application renders, resulting in HTML injection.
```graphql
# Create New Paste allows inserting HTML tags
mutation {
  createPaste(title:"<h1>hello!</h1>", content:"zzzz", public:true) {
    paste {
      id
    }
  }
}

# Content of HTML_Injection.html
# <h1> Hello </h1>!
mutation {
  importPaste(host:"localhost", port:80, path:"/HTML_Injection.html")
}
```
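The fix is to HTML-encode paste fields when they are written into the page. The following is an added example, not the application's own code: it renders the two payloads shown above with and without output encoding and checks which tags survive. The template, the function names and the sample records are assumptions made for illustration.

```python
import html
from html.parser import HTMLParser

# Constructed sample pastes reusing the payloads shown above; the field names
# mirror the createPaste arguments, the template below is hypothetical.
PASTES = [
    {"title": "<h1>hello!</h1>", "content": "zzzz"},              # via createPaste
    {"title": "Imported paste", "content": "<h1> Hello </h1>!"},  # via importPaste
]

def render_unsafe(paste):
    """Vulnerable: user-controlled fields are concatenated into markup."""
    return ('<div class="paste"><span class="title">%s</span>'
            '<pre>%s</pre></div>' % (paste["title"], paste["content"]))

def render_safe(paste):
    """Hardened: every field is HTML-encoded at output time."""
    return ('<div class="paste"><span class="title">%s</span>'
            '<pre>%s</pre></div>' % (html.escape(paste["title"], quote=True),
                                     html.escape(paste["content"], quote=True)))

class TagCollector(HTMLParser):
    """Records every start tag found in the rendered output."""
    def __init__(self):
        super().__init__()
        self.tags = []

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)

TEMPLATE_TAGS = ["div", "span", "pre"]  # the only tags the template emits

def injected_tags(rendered):
    """Return tags present in the output that the template did not emit."""
    collector = TagCollector()
    collector.feed(rendered)
    collector.close()
    remaining = list(collector.tags)
    for tag in TEMPLATE_TAGS:
        if tag in remaining:
            remaining.remove(tag)
    return remaining

if __name__ == "__main__":
    for paste in PASTES:
        print("unsafe:", injected_tags(render_unsafe(paste)),
              "| safe:", injected_tags(render_safe(paste)))
```

The same `injected_tags` check works as a regression test: any paste field that reaches the page unencoded shows up as a tag outside the template's own set.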