Commit

Mistake fixed document/4-Web_Application_Security_Testing/07-Input_Validation_Testing/16-Testing_for_Host_Header_Injection (OWASP#591)
Manindar Mohan committed Jun 30, 2023
1 parent 57577bb commit 3b25297
Showing 1 changed file with 1 addition and 1 deletion.
@@ -116,7 +116,7 @@ https://www.attacker.com/reset.php?token=12345

In some cases a server may have virtual hosts that are not intended to be externally accessible. This is most common with a [split-horizon](https://en.wikipedia.org/wiki/Split-horizon_DNS) DNS setup (where internal and external DNS servers return different records for the same domain).

For example, an organization may have a single webserver on their internal network, which hosts both their public website (on `www.example.org`) and their internal Intranet (on `intranet.example.org`, but that record only exists on the internal DNS server). Although it would not be possible to browse directly to `intranet.example.org` from outside the network (as the domain would not resolve), it may be possible to access to Intranet by making a request from outside with the following `Host` header:
For example, an organization may have a single webserver on their internal network, which hosts both their public site (on `www.example.org`) and their internal Intranet (on `intranet.example.org`, but that record only exists on the internal DNS server). Although it would not be possible to browse directly to `intranet.example.org` from outside the network (as the domain would not resolve), it may be possible to access to Intranet by making a request from outside with the following `Host` header:

```http
Host: intranet.example.org
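
Review bot: The replacement line still reads "it may be possible to access to Intranet", which is ungrammatical; since this sentence is being touched anyway, change it to "it may be possible to access the Intranet". The only difference between the removed and added line is "public website" becoming "public site", so the commit message "Mistake fixed" should state what was wrong with "website", otherwise a reader of the history cannot tell what the fix was.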