Hello, I’m Amir, and this is my first blog post here. Some time ago, @YShahinzadeh shared an endpoint with me and asked me to investigate it. It was vulnerable to HTML injection. Although it couldn't lead to XSS, I started exploring how to make the m...