Merged
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ This vulnerability can lead to reputational and financial damage of the company
1. Log in to the AI system with credentials for Tenant A
1. Send the following request targeting the data or resources belonging to Tenant B:

```HTTP
```http
{HTTP request}
```

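Review bot: the placeholder on the `{HTTP request}` line uses single braces, while every other template touched in this PR uses the `{{request}}` form; since this hunk already edits the fence line, consider changing the placeholder to `{{request}}` so a single search for `{{` finds every field a submitter must fill in. Lowercasing the fence tag to `http` is itself the right call: lowercase is the conventional spelling for fenced-code info strings and matches the rest of the templates here.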
Expand Up @@ -15,7 +15,7 @@ Unauthorized access to critical systems and data, potential compromise of sensit

1. Send the following request which demonstrates the leaked keys are valid:

```HTTP
```http
{HTTP request}
```

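Review bot: same single-brace placeholder as in the Tenant A/Tenant B template above: `{HTTP request}` should become `{{request}}` to match the other templates, otherwise tooling that looks for the double-brace form will miss this field.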
Expand Up @@ -12,7 +12,7 @@ This vulnerability can lead to reputational damage and indirect financial loss t
1. Log in to an account that should not be able to perform {{action}}
1. Forward the following request to the endpoint:

```HTTP
```http
{{request}}
```

Expand Up @@ -13,7 +13,7 @@ This vulnerability can lead to reputational damage and indirect financial loss t
1. Log in to an account that should not be able to perform {{action}}
1. Forward the following request to the endpoint:

```HTTP
```http
{{request}}
```

Expand Up @@ -11,7 +11,7 @@ The impact of this vulnerability can vary in severity depending on the degree of
1. Log in to User Account A
1. Using the HTTP interception proxy, forward the following request to the endpoint:

```HTTP
```http
{{request}}
```

2 changes: 1 addition & 1 deletion submissions/description/broken_access_control/template.md
Expand Up @@ -11,7 +11,7 @@ Broken access controls can lead to financial loss through an attacker accessing,
1. Log in to an account that should not be able to perform {{action}}
1. Forward the following request to the endpoint:

```HTTP
```http
{{request}}
```

Expand Up @@ -17,7 +17,7 @@ Failure to invalidate a session on logout may also lead to data theft through th
1. Log out of the user account in the browser
1. In the HTTP interception proxy, resend the following request to the endpoint {{URL}}:

```HTTP
```http
{{request}}
```

Expand Up @@ -17,7 +17,7 @@ Failure to invalidate a session on logout may also lead to data theft through th
1. Log out of the user account in the browser
1. In the HTTP interception proxy, resend the captured request to the endpoint:

```HTTP
```http
{{request}}
```

Expand Up @@ -12,7 +12,7 @@ Broken authentication and session management could lead to data theft through th
1. Use a browser to navigate to: {{URL}}
1. Forward the following request to the endpoint:

```HTTP
```http
{{request}}
```

Expand Up @@ -14,7 +14,7 @@ Bypassing 2FA mechanisms could lead to data theft through the attacker’s abili
1. Intercept the 2FA request using the HTTP interception proxy
1. Modify the body of the request (as below) and forward it to the endpoint:

```HTTP
```http
{{request}}
```

Expand Up @@ -10,7 +10,7 @@ Weak login function can lead to indirect financial loss through an attacker acce
1. Use a browser to navigate to: {{URL}}
1. Forward the following request to the endpoint:

```HTTP
```http
{{request}}
```

Expand Up @@ -17,7 +17,7 @@ CSRF could lead to data theft through the attacker’s ability to manipulate dat

and forward the request to the endpoint:

```HTTP
```http
{{request}}
```

Expand Up @@ -17,7 +17,7 @@ CSRF could lead to reputational damage for the business through the impact to cu

and forward the request to the endpoint:

```HTTP
```http
{{request}}
```

Expand Up @@ -22,7 +22,7 @@ CSRF could lead to data theft through the attacker’s ability to manipulate dat

and forward the request to the endpoint:

```HTTP
```http
{{request}}
```

Expand Up @@ -17,7 +17,7 @@ CSRF could lead to reputational damage for the business through the impact to cu

and forward the request to the endpoint:

```HTTP
```http
{{request}}
```

Expand Up @@ -17,7 +17,7 @@ CSRF could lead to data theft through the attacker’s ability to manipulate dat

and forward the request to the endpoint:

```HTTP
```http
{{request}}
```

Expand Up @@ -20,7 +20,7 @@ CSRF could lead to data theft through the attacker’s ability to manipulate dat

and forward the request to the endpoint:

```HTTP
```http
{{request}}
```

Expand Up @@ -17,7 +17,7 @@ High impact CSRF could lead to data modification or theft leading to indirect fi

and forward the request to the endpoint:

```HTTP
```http
{{request}}
```

Expand Up @@ -17,7 +17,7 @@ CSRF could lead to data theft through the attacker’s ability to manipulate dat

and forward the request to the endpoint:

```HTTP
```http
{{request}}
```

Expand Up @@ -17,7 +17,7 @@ CSRF could lead to data theft through the attacker’s ability to manipulate dat

and forward the request to the endpoint:

```HTTP
```http
{{request}}
```

Expand Up @@ -22,7 +22,7 @@ CSRF could lead to data theft through the attacker’s ability to manipulate dat

and forward the request to the endpoint:

```HTTP
```http
{{request}}
```

Expand Up @@ -13,7 +13,7 @@ XSS could lead to data theft through the attacker’s ability to manipulate data
1. Update the local storage on your browser to contain the cookie: {{parameter}}
1. Forward the following request to the endpoint:

```HTTP
```http
{{request}}
```

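Review bot: the context step `Update the local storage on your browser to contain the cookie: {{parameter}}` conflates two different mechanisms; cookies are not held in `localStorage`, so a submitter cannot follow the instruction literally. Suggest either `Set the following cookie in your browser: {{parameter}}` or `Add the following key to the browser's local storage: {{parameter}}`, whichever this template intends, ideally while the block is already being edited.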
Expand Up @@ -13,7 +13,7 @@ Flash-based XSS could lead to data theft through the attacker’s ability to man
1. Upload the following flash file: {{.SWF}}
1. Forward the following request to the endpoint:

```HTTP
```http
{{request}}
```

Expand Up @@ -10,7 +10,7 @@ XSS could result in reputational damage for the business through the impact to c
1. Use an Internet Explorer browser to navigate to: {{URL}}
1. Forward the following request to the endpoint:

```HTTP
```http
{{request}}
```

Expand Up @@ -13,7 +13,7 @@ XSS could lead to data theft through the attacker’s ability to manipulate data
1. Observe that a data URI is being used to request data
1. Forward the following request to the endpoint:

```HTTP
```http
{{request}}
```

Expand Up @@ -12,7 +12,7 @@ XSS could lead to data theft through the attacker’s ability to manipulate data
1. Use a browser to navigate to: {{URL}}
1. Forward the following request to the endpoint:

```HTTP
```http
{{request}}
```

Expand Up @@ -12,7 +12,7 @@ XSS could lead to data theft through the attacker’s ability to manipulate data
1. Use a browser to navigate to: {{URL}}
1. Append the following JavaScript payload to the end of the Referrer header and forward the following request:

```HTTP
```http
{{request}}
```

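Review bot: the context step above says `Referrer header`, but the HTTP request header is spelled `Referer` (the misspelling is baked into the specification), so a submitter who copies the template wording into a repro names a header that does not exist. Suggest `Referer` in the step text, here or in a follow-up.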
Expand Up @@ -12,7 +12,7 @@ Reflected XSS could lead to data theft through the attacker’s ability to manip
1. Use a browser to navigate to: {{URL}}
1. Forward the following request to the endpoint:

```HTTP Request
```http Request
{{request}}
```

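Review bot: the new fence line still reads `http Request` rather than `http`; most Markdown renderers take only the first word of the info string as the language, so highlighting will usually work, but the extra word is inconsistent with every other fence in this PR and some tooling compares the whole info string literally. Suggest reducing it to three backticks followed by `http` alone.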
Expand Up @@ -12,7 +12,7 @@ Reflected XSS could lead to data theft through the attacker’s ability to manip
1. Use a browser to navigate to: {{URL}}
1. Forward the following request to the endpoint:

```HTTP
```http
{{request}}
```

Expand Up @@ -14,7 +14,7 @@ Stored XSS could lead to data theft through the attacker’s ability to manipula
1. Navigate to {{URL}}
1. Forward the following request to the endpoint:

```HTTP
```http
{{request}}
```

Expand Up @@ -12,7 +12,7 @@ Stored XSS could lead to data theft through the attacker’s ability to manipula
1. Log into the application at with an account (User A)
1. Forward the following request to the endpoint:

```HTTP
```http
{{request}}
```

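Review bot: the context step `Log into the application at with an account (User A)` has either a stray `at` or a missing `{{URL}}` placeholder after it; compare `Use a browser to navigate to: {{URL}}` in the neighbouring templates. Suggest `Log into the application at {{URL}} with an account (User A)`.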
Expand Up @@ -12,7 +12,7 @@ Stored XSS could lead to data theft through the attacker’s ability to manipula
1. Log into the application at with the privileged user account (User B)
1. Forward the following request to the endpoint:

```HTTP
```http
{{request}}
```

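Review bot: same wording defect as the User A template above: `Log into the application at with the privileged user account (User B)` is missing the `{{URL}}` placeholder after `at`. Suggest `Log into the application at {{URL}} with the privileged user account (User B)`.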
Expand Up @@ -12,7 +12,7 @@ Stored XSS could lead to data theft through the attacker’s ability to manipula
1. Use a browser to navigate to: {{URL}}
1. Forward the following request to the endpoint:

```HTTP
```http
{{request}}
```

Expand Up @@ -12,7 +12,7 @@ Stored XSS could lead to data theft through the attacker’s ability to manipula
1. Use a browser to navigate to: {{URL}}
1. Forward the following request to the endpoint:

```HTTP
```http
{{request}}
```

Expand Up @@ -12,7 +12,7 @@ XSS could lead to data theft through the attacker’s ability to manipulate data
1. Use a browser to navigate to: {{URL}}
1. Forward the following request to the endpoint:

```HTTP
```http
{{request}}
```

Expand Up @@ -12,7 +12,7 @@ XSS could lead to data theft through the attacker’s ability to manipulate data
1. Use a browser to navigate to: {{URL}}
1. Forward the following request to the endpoint:

```HTTP
```http
{{request}}
```

Expand Up @@ -12,7 +12,7 @@ XSS could lead to data theft through the attacker’s ability to manipulate data
1. Use a browser to navigate to: {{URL}}
1. Forward the following request to the endpoint:

```HTTP
```http
{{request}}
```

Expand Up @@ -11,7 +11,7 @@ Disclosure of secrets can lead to indirect financial loss through an attacker ac
1. Observe and copy the password value that is exposed
1. Using the HTTP interception proxy, forward the following request:

```HTTP
```http
{{request}}
```

Expand Up @@ -13,7 +13,7 @@ This could also result in reputational damage for the business through the impac
1. Observe and copy the private API key that is exposed
1. Using the HTTP interception proxy, forward the following request:

```HTTP
```http
{{request}}
```

Expand Up @@ -13,7 +13,7 @@ This could also result in reputational damage for the business through the impac
1. Observe and copy the critical sensitive data that is exposed
1. Using the HTTP interception proxy, forward the following request:

```HTTP
```http
{{request}}
```

Expand Up @@ -10,7 +10,7 @@ Disclosure of secrets can lead to indirect financial loss through an attacker ac
1. Use a browser to navigate to: {{URL}}
1 Generate data traffic by forwarding the following request multiple times to the endpoint:

```HTTP
```http
{{request}}
```

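Review bot: the context line `1 Generate data traffic by forwarding the following request multiple times to the endpoint:` is missing the period after `1`, so Markdown renders it as a plain paragraph rather than the second numbered step. Suggest `1. Generate data traffic ...` while this block is being touched.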
Expand Up @@ -14,7 +14,7 @@ Disclosure of secrets can lead to direct financial loss through an attacker maki

1 Send the following request to the endpoint:

```HTTP
```http
{{request}}
```

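Review bot: `1 Send the following request to the endpoint:` has the same missing period as the previous template, so it will not render as a list item. Suggest `1. Send the following request to the endpoint:`.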
Expand Up @@ -10,7 +10,7 @@ This vulnerability can lead to data theft through the attacker’s ability to ac
1. Use a browser to navigate to: {{URL}}
1. Using the HTTP interception proxy, forward the following request:

```HTTP
```http
{{request}}
```

Expand Up @@ -10,7 +10,7 @@ This vulnerability can lead to data theft through the attacker’s ability to ma
1. Use a browser to navigate to: {{URL}}
1. Using the HTTP interception proxy, forward the following request:

```HTTP
```http
{{request}}
```
