nuclei-templates/http/cves/2022/CVE-2022-0776.yaml

51 lines
1.9 KiB
YAML
Raw Normal View History

id: CVE-2022-0776
info:
name: RevealJS postMessage <4.3.0 - Cross-Site Scripting
author: LogicalHunter
severity: medium
description: RevealJS postMessage before 4.3.0 contains a cross-site scripting vulnerability via the document object model.
2023-09-27 15:51:13 +00:00
impact: |
Successful exploitation of this vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser, leading to potential data theft, session hijacking, or defacement of the affected website.
2023-09-06 11:59:08 +00:00
remediation: |
Upgrade to RevealJS postMessage version 4.3.0 or later to mitigate this vulnerability.
reference:
- https://hackerone.com/reports/691977
- https://github.com/hakimel/reveal.js/pull/3137
- https://huntr.dev/bounties/be2b7ee4-f487-42e1-874a-6bcc410e4001/
- https://nvd.nist.gov/vuln/detail/CVE-2022-0776
2023-07-11 19:49:27 +00:00
- https://github.com/hakimel/reveal.js/commit/32cdd3b1872ba8e2267c9e87ae216cb55f40f4d2
classification:
2023-07-11 19:49:27 +00:00
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
cve-id: CVE-2022-0776
2023-07-11 19:49:27 +00:00
cwe-id: CWE-79
2023-10-14 11:27:55 +00:00
epss-score: 0.001
epss-percentile: 0.40832
2023-09-06 11:59:08 +00:00
cpe: cpe:2.3:a:revealjs:reveal.js:*:*:*:*:*:node.js:*:*
2023-07-11 19:49:27 +00:00
metadata:
vendor: revealjs
product: reveal.js
2023-09-06 11:59:08 +00:00
framework: node.js
2024-01-14 09:21:50 +00:00
tags: cve,cve2022,hackerone,huntr,headless,postmessage,revealjs,node.js
headless:
- steps:
- args:
url: "{{BaseURL}}"
action: navigate
2023-07-11 19:49:27 +00:00
- action: waitload
2023-07-11 19:49:27 +00:00
- action: script
name: extract
args:
code: |
() => {
return (Reveal.VERSION <= "3.8.0" || Reveal.VERSION < "4.3.0")
}
matchers:
- type: word
part: extract
words:
- "true"
# digest: 4a0a00473045022015776ab1f8ee5f7cbd078059bc34167a0b8ca0a11a1bda34723f7ec03d31b6c302210098d1c6a54ecbafb3158390aea2498590fe70df9d78d3266d388274859a641533:922c64590222798bb761d5b6d8e72950