XSS in Host Header

XSS is everywhere

Check if the given host header is accepted and reflected in response

Given text in response

In this application its take host header and reflect in response. So I gave java script in host header.

Click show response in browser

Successfully java script is executed…